ISAuthConstants.java revision 70a82a3cf851abe9162f9cac5fc3342d7f956cd0
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2005 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: ISAuthConstants.java,v 1.21 2009/11/25 12:05:07 manish_rustagi Exp $
*
* Portions Copyrighted 2010-2015 ForgeRock AS.
*/
/**
* This interface contains all the constants defined in in Authentication
* Service.
*/
public interface ISAuthConstants {
/**
* org parameter
*/
/**
* realm parameter
*/
/**
* domain parameter
*/
/**
* Module Param
*/
/**
* Query param name for User based authentication
*/
/**
* Query param name for Role based authentication
*/
/**
* Query param name for AuthLevel based authentication
*/
/**
* Query param name for Service based authenticatin
* (a.k.a. authentication chain)
*/
/**
* Query param name for IP/Resource/Environment based authentication
*/
/**
* Query param name for specify resource URL for the
* IP/Resource/Environment based authentication.
*/
/**
* Param name to specify redirect URL advice in Policy condition for the
* IP/Resource/Environment based authentication.
*/
/**
* Key name to specify the IP address value in environment map for the
* IP/Resource/Environment based authentication.
*/
/**
* Param name for goto redirection
*/
/**
* Forward parameter, used by UI to inform Liberty federation if this is a
* forward request or not after successful authentication.
*
* @deprecated As of OpenSSO version 8.0
* {@link com.sun.identity.shared.Constants#FORWARD_PARAM}
*
*/
/**
* Value for <code>FORWARD_PARAM</code> indicating this is a forward
* request.
*
* @deprecated As of OpenSSO version 8.0
* {@link com.sun.identity.shared.Constants#FORWARD_YES_VALUE}
*/
/**
* Application user prefix
*/
/**
* Application user naming attribute
*/
/**
* Application special users container
*/
public static final String APPLICATION_CLASSNAME =
"com.sun.identity.authentication.modules.application.Application";
/**
* Active
*/
/**
* Authentication Service Name
*/
/**
* LDAP Authentication Service Name
*/
/**
* HTTP Basic Authentication Service Name
*/
public static final String AUTH_HTTP_BASIC_SERVICE_NAME =
"iPlanetAMAuthHTTPBasicService";
/**
* Auth Configuration Service Name
*/
public static final String AUTHCONFIG_SERVICE_NAME =
"iPlanetAMAuthConfiguration";
/**
* Platform Service Name
*/
public static final String PLATFORM_SERVICE_NAME =
"iPlanetAMPlatformService";
/**
* Session Service Name
*/
/**
* Application Module Name
*/
/**
* FederationModule Name
*/
/**
* SAML Module Name
*/
/**
* Attributes
*/
/**
* LDAP Service Attributes
*/
+ "user-naming-attribute";
+ "user-search-attributes";
+ "search-filter";
+ "bind-passwd";
+ "search-scope";
+ "return-user-dn";
/**
* SecurID Service Attribute
*/
public static final String SECURID_SERVICE_PREFIX =
AUTH_ATTR_PREFIX + "securid-";
public static final String SECURID_CONFIG_PATH =
SECURID_SERVICE_PREFIX + "server-config-path";
/**
* Platform Service Attributes
*/
public static final String PLATFORM_CHARSET_ATTR =
"iplanet-am-platform-html-char-set";
public static final String PLATFORM_LOCALE_ATTR =
"iplanet-am-platform-locale";
public static final String PLATFORM_CLIENT_CHARSET_ATTR =
"iplanet-am-platform-client-charsets";
public static final String PLATFORM_COOKIE_DOMAIN_ATTR =
"iplanet-am-platform-cookie-domains";
public static final String SERVICE_STATUS_ATTR =
"iplanet-am-service-status";
/**
* Session Service Max Session Time Attribute
*/
public static final String MAX_SESSION_TIME =
"iplanet-am-session-max-session-time";
/**
* Session Service Max Idle Time Attribute
*/
public static final String SESS_MAX_IDLE_TIME =
"iplanet-am-session-max-idle-time";
/**
* Session Service Max Idle Time Attribute
*/
public static final String SESS_MAX_CACHING_TIME =
"iplanet-am-session-max-caching-time";
/**
* inetdomainstatus
*/
/**
* Auth Locale Attribute
*/
/**
* Auth redirect url attributes
*/
+ "login-success-url";
+ "login-failure-url";
/**
* User attributes
*/
+ "post-login-process-class";
/**
* Auth attributes
*/
+ "alias-attr-name";
+ "user-container";
+ "default-role";
+ "user-naming-attr";
+ "dynamic-profile-creation";
+ "allowed-modules";
+ "default-auth-level";
+ "login-failure-lockout-mode";
public static final String LOGIN_FAILURE_STORE_IN_DS =
"sunStoreInvalidAttemptsInDS";
+ "lockout-duration";
public static final String LOCKOUT_MULTIPLIER =
"sunLockoutDurationMultiplier";
+ "login-failure-count";
+ "login-failure-duration";
+ "username-generator-enabled";
+ "username-generator-class";
+ "lockout-warn-user";
+ "lockout-attribute-name";
+ "lockout-attribute-value";
+ "lockout-email-address";
public static final String INVALID_ATTEMPTS_DATA_ATTR_NAME =
"sunAMAuthInvalidAttemptsDataAttrName";
+ "admin-auth-module";
+ "authenticators";
+ "sleep-interval";
/**
* SPI related constants
*/
public static final String DEFAULT_USERID_GENERATOR_CLASS =
"com.sun.identity.authentication.spi.DefaultUserIDGenerator";
public static final String ADMINISTRATION_SERVICE =
"iPlanetAMAdminConsoleService";
public static final String USERID_PASSWORD_VALIDATION_CLASS =
"iplanet-am-admin-console-user-password-validation-class";
public static final String SHARED_STATE_USERNAME =
"javax.security.auth.login.name";
public static final String SHARED_STATE_PASSWORD =
"javax.security.auth.login.password";
+ "shared-state-enabled";
+ "store-shared-state-enabled";
+ "shared-state-behavior-pattern";
/**
* Log and debug file names
*/
/**
* Resource bundle names
*/
/**
* Default Values
*/
/**
* Option key values for User Profile choice selection
*/
/**
* Property Names to be stored in SSOToken
*/
public static final String POST_PROCESS_SUCCESS_URL =
"PostProcessSuccessURL";
public static final String POST_AUTH_PROCESS_INSTANCE =
"PostAuthProcessInstance";
/**
* Delimiters
*/
/**
* login states
*/
public static final int LOGIN_IGNORE = 0;
public static final int LOGIN_START = 1;
public static final int LOGIN_SUCCEED = -1;
public static final int LOGIN_CHALLENGE = 2;
// next three added for SecurID
public static final int LOGIN_NEXT_TOKEN = 3;
public static final int LOGIN_SYS_GEN_PIN = 4;
public static final int LOGIN_NEW_PIN_NEXT_TOKEN = 5;
/** Organization Attribute */
/** Resource Lookup Related variableds */
/** Auth Cookie Name */
/** Dist Auth Cookie Name */
+ "module-instances";
+ "admin-auth-module";
+ "configuration";
// blank string for service configurations.
// revision number for iPlanetAMAuthService in 7.0
public static final int AUTHSERVICE_REVISION7_0 = 30;
// attribute to identify the auth module instance name passed in
// AMConfiguration
// AuthContextLocal object index name in the transient HttpSession
// Attribute to enable or disable module based auth
// Attribute to check if Remote Auth Security is enabled
public static final String REMOTE_AUTH_APP_TOKEN_ENABLED =
"sunRemoteAuthSecurityEnabled";
// Key in locale file for exceeding auth retry limit error
// Key in locale file for server unwilling error (mapped to Connection Failed)
// Property to store the Distributed Authentication Login URL in SSOToken
// Property to store the User Attribute to Session Attribute Mapping
public static final String USER_SESSION_MAPPING =
"sunAMUserAttributesSessionMapping";
// Key in shared state for composite advice
public static final String COMPOSITE_ADVICE_XML =
"CompositeAdviceXML";
// Indicates if Post Process Instances Need be added to Session
public static final String KEEP_POSTPROCESS_IN_SESSION =
"sunAMAuthKeepPostProcessInstances";
// Indicates if Auth Module Instances Need be added to Session
public static final String KEEP_MODULES_IN_SESSION =
"sunAMAuthKeepAuthModuleIntances";
// Property name for Post Process Instances in Session
public static final String POSTPROCESS_INSTANCE_SET =
"sunAMAuthPostProcessInstanceSet";
// Property name for Login Context in Session
public static final String LOGIN_CONTEXT =
"sunAMAuthLoginContext";
// Property name for user password attribute
//Property name for forcing two factor auth
}