com.sun.identity.session.util

Class SessionUtils

java.lang.Object

com.sun.identity.session.util.SessionUtils

public class SessionUtils
extends Object

This class Implements utility methods for handling HTTP Session.

Field Summary

Fields

Modifier and Type	Field and Description
static short	QUERY The QUERY encoding scheme
static short	SEMICOLON The SEMICOLON encoding scheme
static short	SLASH The SLASH encoding scheme

Constructor Summary

Constructors

Constructor and Description
SessionUtils()

Method Summary

Modifier and Type	Method and Description
static void	checkPermissionToSetProperty(SSOToken clientToken, String key, String value) Helper method to check if client has taken permission to set value to it.
static SSOToken	getAdminToken() Helper method to get admin token.
static InetAddress	getClientAddress(javax.servlet.http.HttpServletRequest servletRequest) Returns the remote IP address of the client
static String	getDecrypted(String encrypted)
static String	getEncrypted(String clear)
static String	getEncryptedStorageKey(SessionID clear)
static String	getSessionId(javax.servlet.http.HttpServletRequest request) Returns a SessionID string based on a HttpServletRequest object or null if session id is not present or there was an error.
static boolean	isAdmin(SSOToken admToken, SSOToken usrToken) Helper method to compare if the user token passed is same as admin token.
static boolean	isTrustedSource(InetAddress source) Returns the remote IP address of the client is a trusted source

Methods inherited from class java.lang.Object

clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Field Detail

QUERY

public static final short QUERY

The QUERY encoding scheme

See Also:

Constant Field Values

SLASH

public static final short SLASH

The SLASH encoding scheme

See Also:

Constant Field Values

SEMICOLON

public static final short SEMICOLON

The SEMICOLON encoding scheme

See Also:

Constant Field Values

Constructor Detail

SessionUtils

public SessionUtils()

Method Detail

getSessionId

public static String getSessionId(javax.servlet.http.HttpServletRequest request)

Returns a SessionID string based on a HttpServletRequest object or null if session id is not present or there was an error.

Parameters:

request - The HttpServletRequest object which contains the session string.

Returns:

an encodeURL with sessionID or the url if session was not present or there was an error.

getClientAddress

public static InetAddress getClientAddress(javax.servlet.http.HttpServletRequest servletRequest)
                                    throws Exception

Returns the remote IP address of the client

Parameters:

servletRequest - The HttpServletRequest object which contains the session string.

Returns:

InetAddress the client address

Throws:

Exception

isTrustedSource

public static boolean isTrustedSource(InetAddress source)
                               throws SessionException

Returns the remote IP address of the client is a trusted source

Parameters:

source - the InetAddress of the remote client

Returns:

a true if is a trusted source.false> otherwise

Throws:

Exception

SessionException

getEncryptedStorageKey

public static String getEncryptedStorageKey(SessionID clear)
                                     throws Exception

Throws:

Exception

getEncrypted

public static String getEncrypted(String clear)

getDecrypted

public static String getDecrypted(String encrypted)

getAdminToken

public static SSOToken getAdminToken()
                              throws SSOException

Helper method to get admin token. This is not amadmin user but the user configured in serverconfig.xml as super user.

Returns:

SSOToken of super admin.

Throws:

SSOException

isAdmin

public static boolean isAdmin(SSOToken admToken,
                              SSOToken usrToken)

Helper method to compare if the user token passed is same as admin token. It does not check if user token or admin token is valid.

Parameters:

admToken - Admin Single Sign-On token.

usrToken - User Single Sign-On token to compare against admin Single Sign-On token.

Returns:

true if they both are same.

checkPermissionToSetProperty

public static void checkPermissionToSetProperty(SSOToken clientToken,
                                                String key,
                                                String value)
                                         throws SessionException

Helper method to check if client has taken permission to set value to it. If

Parameters:

clientToken - Token of the client setting protected property.

key - Property key

value - Property value.

Throws:

SessionException - if the key is protected property.