Package com.sun.identity.session.util
Class SessionUtils
- java.lang.Object
-
- com.sun.identity.session.util.SessionUtils
-
public class SessionUtils extends Object
This class Implements utility methods for handling HTTP Session.
-
-
Constructor Summary
Constructors Constructor Description SessionUtils()
-
Method Summary
All Methods Static Methods Concrete Methods Modifier and Type Method Description static voidcheckPermissionToSetProperty(SSOToken clientToken, String key, String value)Helper method to check if client has taken permission to set value to it.static SSOTokengetAdminToken()Helper method to get admin token.static InetAddressgetClientAddress(jakarta.servlet.http.HttpServletRequest servletRequest)Returns the remote IP address of the clientstatic StringgetDecrypted(String encrypted)static StringgetEncrypted(String clear)static StringgetEncryptedStorageKey(SessionID clear)static StringgetSessionId(jakarta.servlet.http.HttpServletRequest request)Returns a SessionID string based on a HttpServletRequest object or null if session id is not present or there was an error.static booleanisAdmin(SSOToken admToken, SSOToken usrToken)Helper method to compare if the user token passed is same as admin token.static booleanisTrustedSource(InetAddress source)Returns the remote IP address of the client is a trusted source
-
-
-
Field Detail
-
QUERY
public static final short QUERY
The QUERY encoding scheme- See Also:
- Constant Field Values
-
SLASH
public static final short SLASH
The SLASH encoding scheme- See Also:
- Constant Field Values
-
SEMICOLON
public static final short SEMICOLON
The SEMICOLON encoding scheme- See Also:
- Constant Field Values
-
-
Method Detail
-
getSessionId
public static String getSessionId(jakarta.servlet.http.HttpServletRequest request)
Returns a SessionID string based on a HttpServletRequest object or null if session id is not present or there was an error.- Parameters:
request- The HttpServletRequest object which contains the session string.- Returns:
- an encodeURL with sessionID or the url if session was not present or there was an error.
-
getClientAddress
public static InetAddress getClientAddress(jakarta.servlet.http.HttpServletRequest servletRequest) throws Exception
Returns the remote IP address of the client- Parameters:
servletRequest- The HttpServletRequest object which contains the session string.- Returns:
- InetAddress the client address
- Throws:
Exception
-
isTrustedSource
public static boolean isTrustedSource(InetAddress source) throws SessionException
Returns the remote IP address of the client is a trusted source- Parameters:
source- the InetAddress of the remote client- Returns:
- a
trueif is a trusted source.false> otherwise - Throws:
ExceptionSessionException
-
getEncryptedStorageKey
public static String getEncryptedStorageKey(SessionID clear) throws Exception
- Throws:
Exception
-
getAdminToken
public static SSOToken getAdminToken() throws SSOException
Helper method to get admin token. This is not amadmin user but the user configured in serverconfig.xml as super user.- Returns:
- SSOToken of super admin.
- Throws:
SSOException
-
isAdmin
public static boolean isAdmin(SSOToken admToken, SSOToken usrToken)
Helper method to compare if the user token passed is same as admin token. It does not check if user token or admin token is valid.- Parameters:
admToken- Admin Single Sign-On token.usrToken- User Single Sign-On token to compare against admin Single Sign-On token.- Returns:
trueif they both are same.
-
checkPermissionToSetProperty
public static void checkPermissionToSetProperty(SSOToken clientToken, String key, String value) throws SessionException
Helper method to check if client has taken permission to set value to it. If- Parameters:
clientToken- Token of the client setting protected property.key- Property keyvalue- Property value.- Throws:
SessionException- if the key is protected property.
-
-