SessionUtils.java revision 6772a779abcdb6b5f6f515dbfecc6fb62f5aa24c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: SessionUtils.java,v 1.10 2009/11/09 18:35:22 beomsuk Exp $
*
* Portions Copyrighted 2013-2015 ForgeRock AS.
* Portions Copyrighted 2015 Nomura Research Institute, Ltd.
*/
/**
* This class implements utility methods for handling HTTP sessions.
* <p>
*/
public class SessionUtils {
/** Identifier of the QUERY encoding scheme. */
public static final short QUERY = 0;
/** Identifier of the SLASH encoding scheme. */
public static final short SLASH = 1;
/** Identifier of the SEMICOLON encoding scheme. */
public static final short SEMICOLON = 2;
/** Set of trusted InetAddress values, i.e. the sources this class treats as trusted. */
/** The HTTPClient IPHeader setting (presumably the name of the request header that carries the client IP; confirm). */
// NOTE(review): a request header is supplied by whoever sends the request, so a
// client address read from it is only as reliable as the peer that set it. Confirm
// that it is consulted solely for requests arriving from a trusted source.
/** The SESSION_ENCRYPTION flag; when true, the storage-key helper below returns the encrypted key. */
// The "false" literal looks like the default applied when the setting is absent,
// which would leave session encryption off unless it is configured; confirm.
"false")).booleanValue();
/**
* Returns the session ID string carried by an HttpServletRequest object, or
* null if the session ID is not present or there was an error.
* <p>
*
* @param request
* The HttpServletRequest object which contains the session
* string.
* @return the session ID string (the value of <code>sidString</code>), or
* null if the session ID was not present or there was an error.
*/
}
return sidString;
}
/**
* Returns the remote IP address of the client.
* <p>
* NOTE(review): this class also holds a client-IP header setting and a
* trusted-source check. Presumably a header-supplied address is honoured
* only when the request comes from a trusted source; confirm, because a
* header accepted from any peer lets the sender choose the reported address.
*
* @param servletRequest The HttpServletRequest object which contains the
* session string.
* @return InetAddress the client address
* @exception Exception presumably when the client address cannot be
* determined; TODO confirm
*/
}
/*
 * Build the set of trusted sources.
 * Visible flow: one branch walks the tokens of a list, the other falls back
 * to the platform server list; any exception raised along the way is
 * rethrown wrapped in a SessionException.
 */
try {
// One iteration per token of the configured list (stk is presumably a
// tokenizer over that list; confirm).
while (stk.hasMoreTokens()) {
}
} else {
// No explicit list is available: use the platform server list as the default.
// NOTE(review): with this fallback every platform server counts as a trusted
// source when nothing is configured; confirm that suits the deployment.
// "emptyTrustedSourceList" is the message key reported when the fallback list
// is unavailable (presumably as a SessionException; confirm).
"emptyTrustedSourceList", null);
}
try {
// A failure while validating a single host is reported with this message;
// presumably that entry is skipped and the remaining hosts are still added
// (confirm).
"Validating Host exception", ex);
}
}
}
} catch (Exception e) {
// Surface every failure to the caller as a SessionException, keeping the cause.
throw new SessionException(e);
}
return result;
}
/**
* Returns whether the given remote client address is a trusted source.
*
* @param source the InetAddress of the remote client
* @return <code>true</code> if the address is a trusted source,
* <code>false</code> otherwise
* @exception Exception presumably when the trusted-source set cannot be
* built; TODO confirm
*/
// The trusted-source set is populated on demand when it is still null.
// NOTE(review): no synchronisation is visible around this null check; confirm
// that concurrent first calls are safe.
if (trustedSources == null) {
}
}
/**
* Helper method to get the session storage key, encrypted when session
* encryption is enabled.
*
* @param sessionID
* SessionID
* @return the encrypted storage key (<code>strEncrypted</code>) when
* SESSION_ENCRYPTION is true, otherwise <code>sKey</code>
* @throws Exception
* if anything goes wrong; a SessionException is thrown when the
* storage key is null
*/
// A null storage key is an error, not a value to pass on.
throw new SessionException("SessionUtils.getEncryptedStorageKey: StorageKey is null");
}
// The encrypted form is returned only when session encryption is switched on.
if (SESSION_ENCRYPTION) {
return strEncrypted;
}
// NOTE(review): on this path sKey is returned instead of strEncrypted, so
// callers must not assume the result is always encrypted, despite the method name.
return sKey;
}
/**
* Helper method to get admin token. This is not amadmin user
* but the user configured in serverconfig.xml as super user.
*
* @return SSOToken of super admin.
*/
// Work is done only while no admin token is held yet (presumably the token is
// obtained and cached inside this branch; confirm).
if (adminToken == null) {
}
return (adminToken);
}
/**
* Helper method to compare if the user token passed is same as admin
* token. It does not check if user token or admin token is valid, so
* callers that rely on the answer for authorization must validate the
* tokens themselves.
*
* @param admToken Admin Single Sign-On token.
* @param usrToken User Single Sign-On token to compare against admin
* Single Sign-On token.
* @return <code>true</code> if they both are same; <code>false</code>
* otherwise, including when a principal cannot be read from a token.
*/
// The early returns below answer false before any principal is compared.
return false;
}
return false;
}
// Start from "not admin"; result = true is the only visible assignment that changes it.
boolean result = false;
try {
} catch (SSOException ssoEx) {
// Failing to read a principal is answered with false (fail closed).
+ "to get principal");
return false;
}
try {
} catch (SSOException ssoEx) {
// Same fail-closed handling for the second principal lookup.
+ "to get principal");
return false;
}
result = true;
}
// Message-level debug output names both principals (usrName and admName).
if (debug.messageEnabled()) {
" for user principal: " + usrName +
" against admin principal: " + admName);
}
return result;
}
/**
* Helper method to check whether the client has permission to set the
* given property. Every visible failure path (no client token, invalid
* client token, token manager or admin token unavailable, client not
* permitted) ends in a SessionException, so the check fails closed.
*
* @param clientToken Token of the client setting protected property.
* @param key Property key
* @param value Property value.
* @throws SessionException if the key is protected property.
*/
throws SessionException {
if (clientToken == null) {
// No client token supplied: reject, the client must identify itself.
if (sessionDebug.warningEnabled()) {
"SessionUtils.checkPermissionToSetProperty(): "
+ "Attempt to set protected property without client "
}
throw new SessionException(
+ " " + key);
}
try {
} catch (SSOException ssoEx) {
// The SSOTokenManager instance could not be obtained: reject the request.
"SessionUtils.checkPermissionToSetProperty(): "
+ "Cannot get instance of SSOTokenManager.");
throw new SessionException(
}
// The client token is invalid: reject, the client must identify itself.
if (sessionDebug.warningEnabled()) {
"SessionUtils.checkPermissionToSetProperty(): "
+ "Attempt to set protected property with invalid client"
}
throw new SessionException(
}
try {
} catch (SSOException ssoEx) {
// The server could not obtain the admin token needed for the comparison: reject.
"SessionUtils.checkPermissionToSetProperty(): "
+ "Cannot get Admin Token for validation to set protected "
throw new SessionException(
+ " " + key);
}
// The client is not authorized to set this property: reject.
"SessionUtils.checkPermissionToSetProperty(): "
+ "Client does not have permission to set protected "
throw new SessionException(
+ " " + key);
}
}
}
}