7d46f125408af7521e0e8021e0da5609fb8f7ec2Tom Rumsey * Copyright 2014-2016 ForgeRock AS.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * The contents of this file are subject to the terms of the Common Development and
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Distribution License (the License). You may not use this file except in compliance with the
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * You can obtain a copy of the License at legal/CDDLv1.0.txt. See the License for the
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * specific language governing permission and limitations under the License.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * When distributing Covered Software, include this CDDL Header Notice in each file and include
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * the License file at legal/CDDLv1.0.txt. If applicable, add the following below the CDDL
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Header, with the fields enclosed by brackets [] replaced by your own identifying
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * information: "Portions copyright [year] [name of copyright owner]".
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Majorimport org.forgerock.openam.dpro.session.PartialSession;
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshottimport com.iplanet.dpro.session.SessionException;
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshottimport com.iplanet.dpro.session.share.SessionInfo;
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Describes the ability to perform an operation on a Session.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * These operations are specific to the Session Service, therefore all will be
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * keyed by the SessionID key.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * This abstraction layer is important as it will be implementation specific as to
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * how this operation will be performed.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Note: Session instances are the currency of the
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * {@link com.iplanet.dpro.session.Session} Service. The aptly titled
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * {@link com.iplanet.dpro.session.service.SessionService} deals with InternalSessions.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * The common currency between them is the SessionID which is suitably generic to use in
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * this interface.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Performs a refresh of the Session and return a summary of the Session information.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * This will optionally update the last modified timestamp of the Session.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Note: This method is inconsistent from the other two in that it requires a Session
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * reference. This is because of a dependency which could not be resolved without
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * substantial refactoring in the Remote implementation.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @param reset If true, then update the last modified timestamp of the Session.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @param session Reference to the Session.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @return Null if there was an error locating the Session, otherwise non null.
7d46f125408af7521e0e8021e0da5609fb8f7ec2Tom Rumsey SessionInfo refresh(Session session, boolean reset) throws SessionException;
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Destroys the Session by removing it and moving it to the DESTROY state.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * This operation is similar to the logout and uses similar behaviour.
6b0b9411405932b5ada376bb06d6bc3d94980d7fPeter Major * @param requester The requester's non null session used to authorize the destroy operation.
6b0b9411405932b5ada376bb06d6bc3d94980d7fPeter Major * @param session The non null session to destroy.
6b0b9411405932b5ada376bb06d6bc3d94980d7fPeter Major * @throws SessionException If there was an error while deleting the token.
7d46f125408af7521e0e8021e0da5609fb8f7ec2Tom Rumsey void destroy(Session requester, Session session) throws SessionException;
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * Assigns the property to the Session.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @param session The session to perform the set on.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @param name Non null name of the property.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @param value Non null value.
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * @throws SessionException SessionException if the session reached its maximum
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * session time, or the session was destroyed, or there was an error during
72450cb9c2ca854c6d3479832c2738196c1d3282Robert Wapshott * communication with session service, or if the property name or value was null.
7d46f125408af7521e0e8021e0da5609fb8f7ec2Tom Rumsey void setProperty(Session session, String name, String value) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Get the Session Info Object from the Session ID.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param sessionId the Session Id of the required Session Info.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param reset if true will cause the last access time on the session to be updated.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @return a Session Info object for the required session.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException if the session could not be accessed.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey SessionInfo getSessionInfo(SessionID sessionId, boolean reset) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Add a session listener notification url. The url will receive a notification when session change events occur.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @param session the session to listen to.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @param url the listener notification url
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException if the session could not be accessed.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey void addSessionListener(Session session, String url) throws SessionException;
aa9422005d747789faacd4064a4d42c58014a41cTom Rumsey * Check whether a session identified by {code sessionId} can be retrieved.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param sessionId the session ID to check.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @return returns true if the session is local
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException if the session could not be accessed.
aa9422005d747789faacd4064a4d42c58014a41cTom Rumsey boolean checkSessionExists(SessionID sessionId) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Gets the restricted token ID for a session.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param masterSessionId the master session id to get the restricted token id for
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param restriction the Token Restriction type to use
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @return a Restricted token ID as a String
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException if the session could not be accessed.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey String getRestrictedTokenId(SessionID masterSessionId, TokenRestriction restriction) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Given a restricted token, returns the SSOTokenID of the master token
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * can only be used if the requester is an app token
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param session Must be an app token
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param restrictedID The SSOTokenID of the restricted token
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @return The SSOTokenID string of the master token
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException If the master token cannot be de-referenced
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey String deferenceRestrictedID(Session session, SessionID restrictedID) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Sets an external property in the session. If the property is protected then it will throw a SessionException.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param clientToken SSO Token of the client setting external property.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param sessionId The Id of the session to set the property on
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param name the name of the property
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param value the new value of the property
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException If the Session could not be accessed or the property is protected.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey void setExternalProperty(SSOToken clientToken, SessionID sessionId, String name, String value) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Performs the logout operation on the Session.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * This operation is intended to destroy the Session and perform any appropriate
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Session related logic.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param session Session to logout.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey void logout(final Session session) throws SessionException;
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * Retrieves the Session from the Session ID.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @param sessionID the ID of the session to resolve
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @return the Session Object
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey * @throws SessionException if the session could not be accessed.
a90aba9cbcbb8e7fe95e45590d853959efe0d354Tom Rumsey Session resolveSession(SessionID sessionID) throws SessionException;
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * Returns all sessions which are accessible using the provided session for authorization, and which match the
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * provided filter. Will return early if size or time limits are exceeded.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @param session The session to use for authorization.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @param pattern The pattern to use to match the sessions.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @return The list of sessioninfos found, capped based on time and quantity.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey * @throws SessionException If the request fails.
fc8409d20f991d53ac0c4708efa04c121b73c449Tom Rumsey SearchResults<SessionInfo> getValidSessions(Session session, String pattern) throws SessionException;
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * Returns partial sessions from the session service backend that matches the provided CREST query. The resultset
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * size is limited by the session service's "iplanet-am-session-max-session-list-size" attribute. The returned
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * sessions are only "partial" sessions, meaning that they do not represent the full session state.
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * @param crestQuery The CREST query based on which we should look for matching sessions.
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * @return The collection of matching partial sessions.
c414e18b750ecd647a82c14bb30f33afc32ca188Peter Major * @throws SessionException If the request fails.