SessionCondition.java revision ac1bb24ef255fda7c25609b82632c0dcba732d6c
/*
* The contents of this file are subject to the terms of the Common Development and
* Distribution License (the License). You may not use this file except in compliance with the
* License.
*
* You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
* specific language governing permission and limitations under the License.
*
* When distributing Covered Software, include this CDDL Header Notice in each file and include
* the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
* Header, with the fields enclosed by brackets [] replaced by your own identifying
* information: "Portions copyright [year] [name of copyright owner]".
*
* Copyright 2006 Sun Microsystems Inc
*/
/*
* Portions Copyright 2014-2015 ForgeRock AS.
*/
import static com.sun.identity.entitlement.EntitlementException.UNABLE_TO_PARSE_SSOTOKEN_AUTHINSTANT;
/**
* <p>An implementation of an {@link com.sun.identity.entitlement.EntitlementCondition} that defines the maximum user
* session time during which a policy applies.</p>
*
* <p>This is an option to terminate the user session if the session time exceeds the maximum allowed.</p>
*
* @since 12.0.0
*/
public class SessionCondition extends EntitlementConditionAdaptor {
/**
* Key that is used to define the user session creation time of the request. This is passed in to the {@code env}
* parameter while invoking {@code getConditionDecision} method of the {@code SessionCondition}. Value for the key
* should be a {@code Long} whose value is time in milliseconds since epoch.
*/
/**
* Key that is used to identify the advice messages from this condition.
*/
/**
* Key that is used in the {@code Advice} to identify the session was terminated.
*/
/**
* Key that is used in the {@code Advice} to identify the condition decision is {@code deny}.
*/
private final CoreWrapper coreWrapper;
private final TimeService timeService;
private long maxSessionTime;
private boolean terminateSession;
/**
* Constructs a new SessionCondition instance.
*/
public SessionCondition() {
}
/**
* Constructs a new SessionCondition instance.
*
* @param debug A Debug instance.
* @param coreWrapper An instance of the CoreWrapper.
* @param timeService An instance of the TimeService;
*/
this.coreWrapper = coreWrapper;
this.timeService = timeService;
}
/**
* {@inheritDoc}
*/
try {
} catch (JSONException e) {
}
}
/**
* {@inheritDoc}
*/
return toString();
}
/**
* {@inheritDoc}
*/
public ConditionDecision evaluate(String realm, Subject subject, String resourceName, Map<String, Set<String>> env)
throws EntitlementException {
}
long tokenCreationTime;
if (requestSessionCreationTime != null) {
} else {
try {
tokenCreationTime = DateUtils.stringToDate(token.getProperty(SSOTOKEN_PROPERTY_AUTHINSTANT)).getTime();
} catch (ParseException e) {
throw new EntitlementException(UNABLE_TO_PARSE_SSOTOKEN_AUTHINSTANT, e);
} catch (SSOException e) {
throw new EntitlementException(CONDITION_EVALUTATION_FAILED, e);
}
}
if (debug.messageEnabled()) {
"\n expiredTime: " + expiredTime);
}
if (currentTime < expiredTime) {
} else {
if (terminateSession) {
// set advice message
// terminate token session
try {
} catch (SSOException ssoEx) {
if (debug.warningEnabled()) {
ssoEx);
}
}
}
}
}
}
return null;
}
return jo;
}
/**
* {@inheritDoc}
*/
try {
} catch (JSONException e) {
}
return s;
}
public long getMaxSessionTime() {
return maxSessionTime / 60000;
}
public void setMaxSessionTime(long maxSessionTime) {
}
public boolean isTerminateSession() {
return terminateSession;
}
public void setTerminateSession(boolean terminateSession) {
this.terminateSession = terminateSession;
}
public void validate() throws EntitlementException {
if (maxSessionTime < 0L) {
}
}
return false;
}
return false;
}
return false;
}
}
public int hashCode() {
return hc;
}
}