Session.java revision fc8409d20f991d53ac0c4708efa04c121b73c449
/*
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: Session.java,v 1.25 2009/08/14 17:53:35 weisun2 Exp $
*
* Portions copyright 2010-2016 ForgeRock AS.
*/
/**
* The <code>Session</code> class represents a session. It contains session
* related information such as session ID, session type (user/application),
* client ID (user ID or application ID), session idle time, time left on the
* session, and session state. It also allows applications to add listener for
* session events.
*
* @see com.iplanet.dpro.session.SessionID
* @see com.iplanet.dpro.session.SessionListener
*/
public static final String CACHED_BASE_POLLING_PROPERTY = "com.iplanet.am.session.client.polling.cacheBased";
private final SessionCookies sessionCookies;
private final SessionCache sessionCache;
private final SessionServiceURLService sessionServiceURLService;
/*
* Used instead of SessionService in order to avoid potential issues in the ClientSDK. Should eventually not be used
* here.
*/
private final SessionOperationStrategy sessionOperationStrategy;
/**
* Defines the type of Session that has been created.
*/
/**
* Identification string of the Client using this Session.
*/
/**
* Authenticated.
*/
private String clientDomain;
/**
* Total Maximum time allowed for the session, in minutes.
*/
private long maxSessionTime;
/**
* Maximum idle time allowed for the session, in minutes.
*/
private long maxIdleTime;
/**
* Maximum time for which the cached session is used, in minutes.
*/
private long maxCachingTime;
/**
* The time for which the session has been idle, in seconds.
*/
private long sessionIdleTime;
/**
* Total time left for the session, in seconds.
*/
private long sessionTimeLeft;
/**
* Time after which the session will be considered invalid, in milliseconds.
*/
private long sessionExpiryTime;
/*
* This is the time value (computed as System.currentTimeMillis()/1000) when
* the session timed out. Value zero means the session has not timed out.
*/
private volatile long timedOutAt = 0;
/**
* Four possible values for the state of the session:
* <ul>
* <li>Invalid</li>
* <li>Valid</li>
* <li>Inactive</li>
* <li>Destroyed</li>
* </ul>
*/
/**
* If this is a Remote session that has been destroyed but not yet removed from the
* sessionTable, this flag is used to avoid repeated notification of the DESTROY event
* to session listeners.
*/
/**
* All session related properties are stored as key-value pair in this
* table.
*/
/**
* URL of the Session Server, where this session resides.
* Note: This field only exists to optimise client mode.
*/
private URL sessionServiceURL;
/**
* Last time the client sent a request associated with this session, as the
* number of seconds since midnight January 1, 1970 GMT.
*/
private volatile long latestRefreshTime;
/**
* Indicates whether the latest access time need to be reset on the session.
*/
private volatile boolean needToReset = false;
/**
* Set of session event listeners for THIS session only
*/
/**
* Constructor used by this package only.
*
* ClientSDK: This code has to operate both on the serer and the client. It needs
* to be able to resolve dependencies in an appropriate way in both conditions.
*/
if (SystemProperties.isServerMode()) {
// Had to choose, final or @Inject approach. Went final.
} else {
}
}
public AtomicBoolean getRemoved() {
return removed;
}
public SessionID getSessionID() {
return sessionID;
}
public String getCookieStr() {
return cookieStr;
}
}
//todo: Object...
}
/**
* Returns the session ID.
* @return The session ID.
*/
return sessionID;
}
/**
* Updates the ID of the session. Used when updating a stateless session.
*
* @param sessionID the new session ID for the session.
*/
}
/**
* Returns the session type.
*
* @return The session type.
*/
public SessionType getType() {
return sessionType;
}
/**
* Returns the client ID in the session.
*
* @return The client ID in the session.
*/
public String getClientID() {
return clientID;
}
/**
* Returns the client domain in the session.
*
* @return The client domain in the session.
*/
public String getClientDomain() {
return clientDomain;
}
/**
* Returns the maximum session time in minutes.
*
* @return The maximum session time.
*/
public long getMaxSessionTime() {
return maxSessionTime;
}
/**
* Returns the maximum session idle time in minutes.
*
* @return The maximum session idle time.
*/
public long getMaxIdleTime() {
return maxIdleTime;
}
/**
* Returns true if the session has timed out.
* @return <code>true</code> if session timed out,
* <code>false</code>otherwise
* @exception SessionException
*/
public boolean isTimedOut() throws SessionException {
/**
* Before going to the server, check if the session has been already
* marked TimedOut or not.
*/
if (timedOutAt > 0) {
return true;
}
if (!usingCachedBasedPolling() && maxCachingTimeReached()){
try {
refresh(false);
} catch (SessionTimedOutException e) {
}
}
return timedOutAt > 0;
}
/**
* Returns the maximum session caching time in minutes.
*
* @return The maximum session caching time.
*/
public long getMaxCachingTime() {
return maxCachingTime;
}
/**
* Returns the session idle time in seconds.
*
* @return The session idle time.
* @exception SessionException if the session reached its maximum session
* time, or the session was destroyed, or there was an error
* during communication with session service.
*/
public long getIdleTime() throws SessionException {
return sessionIdleTime;
}
/**
* Returns the time left for this session in seconds.
*
* @return The time left for this session.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
public long getTimeLeft() throws SessionException {
return sessionTimeLeft;
}
private void refreshSessionIfStale() throws SessionException {
if (!usingCachedBasedPolling() && maxCachingTimeReached()) {
refresh(false);
}
}
/**
* The time (in milliseconds from the UTC epoch) until this session can be removed from a session blacklist. This
* is guaranteed to be some time after the session has expired.
*
* @return the at which the session expires (if it has not already) plus a purge delay.
* @throws BlacklistException if the session has already expired or an error occurs.
*/
public long getBlacklistExpiryTime() throws BlacklistException {
try {
return sessionExpiryTime;
} catch (SessionException e) {
throw new BlacklistException(e);
}
}
/**
* Gets the time at which the Session was last refreshed from the master copy (in millis).
* @return The latest time at which the session was refreshed.
*/
public long getLatestRefreshTime() {
return latestRefreshTime;
}
/**
* Returns the state of the session.
*
* @param reset
* This parameter indicates that whether the Session Service
* needs to reset the latest access time on this session.
* @return The state of the session. The session state is one of the
* following: <code>INVALID, VALID, INACTIVE, and DESTROYED</code>.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
if (!usingCachedBasedPolling() && maxCachingTimeReached()) {
} else {
if (reset) {
needToReset = true;
}
}
return sessionState;
}
}
/**
* Gets the property stored in this session.
*
* @param name The property name.
* @return The property value in String format.
* @exception SessionException is thrown if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
if (name == null ? sessionCookies.getLBCookieName() != null : !name.equals(sessionCookies.getLBCookieName())) {
if ((!usingCachedBasedPolling() && maxCachingTimeReached()) ||
refresh(false);
}
}
}
/**
* Given a restricted token, returns the SSOTokenID of the master token
* can only be used if the requester is an app token
*
* @param s Must be an app token
* @param restrictedId The SSOTokenID of the restricted token
* @return The SSOTokenID string of the master token
* @throws SSOException If the master token cannot be dereferenced
*/
throws SessionException {
try {
}
catch (Exception e) {
throw new SessionException(e);
}
return masterSID;
}
/**
* Returns true if the SSOTokenID associated with this SSOToken is a
* restricted token, false otherwise.
*
* @return true if the token is restricted
* @throws SSOException If we are unable to determine if the session is
* restricted
*/
public boolean isRestricted() throws SessionException {
return restriction != null;
}
/**
* Gets the property stored in this session.
*
* @param name The property name.
* @return The property value in String format only
* when run in the server mode else return null
*/
if (SystemProperties.isServerMode()) {
}
return null;
}
/**
* Sets a property for this session.
*
* @param name The property name.
* @param value The property value.
* @exception SessionException if the session reached its maximum session
* time, or the session was destroyed, or there was an error
* during communication with session service, or if the property
* name or value was null.
*/
throw new SessionException("Session property name/value cannot be null");
}
try {
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Used to find out if the maximum caching time has reached or not.
*/
public boolean maxCachingTimeReached() {
}
/**
* Gets the Session Service URL for this session object.
*
* @return The Session Service URL for this session.
* @exception SessionException when cannot get Session URL.
*/
if (SystemProperties.isServerMode()) {
}
// we can cache the result because in client mode
// session service location does not change
// dynamically
if (sessionServiceURL == null) {
}
return sessionServiceURL;
}
/**
* Destroys a session.
*
* @param session The session to be destroyed.
* @exception SessionException if there was an error during
* communication with session service, or the corresponding
* session was destroyed.
*/
try {
} catch (Exception e) {
throw new SessionException(e);
}
finally {
}
}
/**
* Logs out a session.
*
* @throws SessionException if there was an error during communication
* with session service. If the session logged out already,
* no exception will be thrown.
*/
public void logout() throws SessionException {
try {
} catch (Exception e) {
throw new SessionException(e);
}
}
/**
* Adds a session listener for session change events.
*
* @param listener Session Listener object.
* @exception SessionException if the session state is not valid.
*/
addSessionListener(listener, false);
}
/**
* Adds a session listener for session change events.
*
* @param listener Session Listener object.
* @param force whether to ignore whether a Session is in the Invalid state. If false will throw an exception if
* the Session is Invalid.
* @exception SessionException if the session state is not valid.
*/
}
}
/**
* Gets all valid sessions from the specified session server. This session
* is subject to access control in order to get all sessions.
*
* @param server
* The session server name. If the server name contains protocol
* and port, the protocol and port will be used. Otherwise, the
* server protocol and port is default to the same protocol and
* port of the calling session.
* @return A Vector of Session objects.
* @exception SessionException if there was an error during
* communication with session service.
*/
throws SessionException {
if (pos != -1) {
}
if (pos != -1) {
if (pos1 != -1 ) {
}
}
}
/**
* Get all the event listeners for this Session.
*
* @return SessionEventListener vector
*/
return localSessionEventListeners;
}
/**
* Returns all the valid sessions for a particular Session Service URL. If a
* user is not allowed to access the Sessions of the input Session Server,
* it will return null.
*
* @param svcurl Session Service URL.
* @exception SessionException
*/
throws SessionException {
try {
}
}
}
/**
* Gets the latest session from session server and updates the local cache
* of this session.
*
* @param reset The flag to indicate whether to reset the latest session
* access time in the session server.
* @exception SessionException if the session reached its
* maximum session time, or the session was destroyed, or
* there was an error during communication with session
* service.
*/
if (activeContext == null) {
activeContext = this.context;
}
try {
new RestrictedTokenAction() {
return null;
}
});
} catch (Exception e) {
if (sessionDebug.messageEnabled()) {
+ sessionID);
}
throw new SessionException(e);
}
}
/*
* Refreshes the Session Information
* @param <code>true</code> refreshes the Session Information
*/
needToReset = false;
long oldMaxCachingTime = maxCachingTime;
long oldMaxIdleTime = maxIdleTime;
long oldMaxSessionTime = maxSessionTime;
}
/**
* Updates the session from the session information server.
*
* @param info Session Information.
*/
}
if (timedOutAt <= 0) {
if (sessionTimedOutProp != null) {
try {
} catch (NumberFormatException e) {
+ sessionTimedOutProp, e);
}
}
}
// note : do not use getProperty() call here to avoid unexpected
// recursion via
// refresh()
if (restrictionProp != null) {
try {
} catch (Exception e) {
throw new SessionException(e);
}
}
}
/**
* Sets a token restriction on this session. Optional operation - specific sub-classes can throw an exception if
* not supported.
*
* @param restriction the restriction to apply to this session.
* @throws UnsupportedOperationException if this session type does not support token restrictions.
*/
this.restriction = restriction;
}
/**
* populate context object with admin token
* @exception SessionException
* @param appSSOToken application SSO Token to bet set
*/
{
if (appSSOToken == null) {
if (sessionDebug.warningEnabled()) {
+ "createContext():, "
+ "cannot obtain application SSO token, "
+ "defaulting to IP address");
}
} else {
+ "createContext():, "
+ "setting context to application SSO token");
}
}
/**
* Set the timeout time for this Session if it wasn't already set.
*/
public void timeout() {
if (timedOutAt <= 0) {
}
}
/**
* Add listener to Internal Session.
*/
public void addInternalSessionListener() {
try {
}
} catch (Exception e) {
//todo : something! :-D
}
}
/**
* Returns true if cookies are supported else false. The
* <code>cookieSupport</code> value is first determined from the Session ID
* object , if that is null then it is determined based on the cookie mode
* value set in the Session object else <code>cookieSupport</code> value is
* retrieved from the session property <code>cookieSupport</code>. If
* cookie Support value is not determined then the the default "false" is
* assumed.
*/
public boolean getCookieSupport() {
boolean cookieSupport = false;
try {
if (cookieMode != null) {
} else if (this.cookieMode != null) {
} else {
if (cookieSupportStr != null) {
}
}
cookieSupport = true;
}
if (sessionDebug.messageEnabled()) {
}
return cookieSupport;
}
/**
* Set the cookie Mode based on whether the request has cookies or not. This
* method is called from <code>createSSOToken(request)</code> method in
* <code>SSOTokenManager</code>.
*
* @param cookieMode whether request has cookies or not.
*/
if (sessionDebug.messageEnabled()) {
}
if (cookieMode != null) {
this.cookieMode = cookieMode;
}
}
return restriction;
}
Object getContext() {
return context;
}
/**
* Returns a stable ID that can be used as a unique identifier when storing this session.
*
* @return a unique stable storage id.
*/
public String getStableStorageID() {
}
private boolean usingCachedBasedPolling() {
}
}