FMSessionProvider.java revision 4a2f0f0be43dfd4c1b490cbf3cc48b6ba6084b1c
/**
* DO NOT ALTER OR REMOVE COPYRIGHT NOTICES OR THIS HEADER.
*
* Copyright (c) 2006 Sun Microsystems Inc. All Rights Reserved
*
* The contents of this file are subject to the terms
* of the Common Development and Distribution License
* (the License). You may not use this file except in
* compliance with the License.
*
* You can obtain a copy of the License at
* See the License for the specific language governing
* permission and limitations under the License.
*
* When distributing Covered Code, include this CDDL
* Header Notice in each file and include the License file
* at opensso/legal/CDDLv1.0.txt.
* If applicable, add the following below the CDDL Header,
* with the fields enclosed by brackets [] replaced by
* your own identifying information:
* "Portions Copyrighted [year] [name of copyright owner]"
*
* $Id: FMSessionProvider.java,v 1.23 2009/11/20 00:30:40 exu Exp $
*
*/
/**
* Portions Copyrighted 2010-2012 ForgeRock AS
*/
/**
* Used for creating sessions, and for accessing session
* information.
*/
public class FMSessionProvider implements SessionProvider {
/**
* This constant string is used both in this class and
* in the Federation Auth Module implementationt to specify
* the name of the random secret call back.
*/
private static ResourceBundle bundle =
/**
* Commented out since initializing session service statically here brings
* in the whole OpenSSO which is not desirable for clientsdk.
* Can remove this, issue handler probably could do that.
private static String lbcookieName = Session.lbCookieName;
private static String lbcookieValue = SessionService.getSessionService().
getLocalServerID();
*/
private static boolean urlRewriteEnabled = false;
private static final int SECRET_LENGTH = 20;
new HashSet(1000));
static {
if (urlRewriteEnabledStr != null &&
urlRewriteEnabled = true;
}
}
/**
* Default Constructor
*/
public FMSessionProvider() {
}
/**
* Indicates whether a secret originally comes from this class or not
* @param secret the secret string to be matched
* @return true if there is a match, false otherwise
*/
}
private static String generateSecret() {
byte bytes[] = new byte[SECRET_LENGTH];
}
/**
* Meaningful only for SP side, the implementation of this method
* will create a local session for the local user identified by
* the information in the map. The underline mechanism of the
* session creation and management is application specific.
* For example, it could be cookie setting or url rewriting, which
* is expected to be done by the implementation of this method.
* Note that only the first input parameter is mandatory. Normally,
* at least one of the last two parameters should not be null
*
* @param info a Map with keys and values being of type String; The
* keys will include "principalName" (returned from
* SPAccountMapper), "realm", "authLevel", and may
* The implementation of this method could choose to set
* some of the information contained in the map into the
* newly created Session by calling setProperty(), later
* the target application may consume the information.
* @param request the HttpServletRequest the user made to initiate
* the SSO.
* @param response the HttpServletResponse that will be sent to the
* user (for example it could be used to set a cookie).
* @param targetApplication the original resource that was requested
* as the target of the SSO by the end user;
* If needed, this String could be modified,
* e.g., by appending query string(s) or by
* parameter.
* @return the newly created local user session.
* @throws SessionException if an error occurred during session
* creation.
*/
public Object createSession(
) throws SessionException {
}
}
try {
{
oldSession = null;
}
} catch (SessionException se) {
oldSession = null;
}
}
// Call auth module "Federation"
try {
if (oldSession != null) {
} else {
}
"Federation");
} catch (AuthLoginException ale) {
throw new SessionException(ale);
}
while (ac.hasMoreRequirements()) {
continue;
}
if (callbacks[i] instanceof NameCallback) {
}
}
}
}
break;
}
try {
} catch (Exception e) {
throw new SessionException(e.getMessage());
}
// TODO: test again when auth changes are done so the error code
// is set and passed over
}
{
}
} else {
}
throw se;
} else {
}
try {
scm = new ServiceSchemaManager(
"iPlanetAMPlatformService", ssoToken);
} catch (Exception e) {
throw new SessionException(e);
}
try {
} catch (SMSException se) {
throw new SessionException(se);
}
get("iplanet-am-platform-cookie-domains");
} else {
if (debug.messageEnabled()) {
}
"/", cookieDomain);
}
}
int n = targetApplication.length();
if (n > 0) {
}
}
}
// set all properties in the info map to sso token
try {
continue;
}
}
} catch (SSOException se) {
throw new SessionException(se);
}
return ssoToken;
}
/**
* Sets a load balancer cookie in the suppled HTTP response. The load
* balancer cookie's value is set per server instance and is used to
* support sticky load balancing.
*
* @param response the <code>HttpServletResponse</code> that will be sent
* to the user.
*/
{
}
/**
* May be used by both SP and IDP side for getting an existing
* session given an session ID.
* @param sessionID the unique session handle.
* @return the corresponding session object.
* @throws SessionException if an error occurred during session
* retrieval.
*/
throws SessionException {
try {
return session;
} catch (Throwable e) {
throw new SessionException(e);
}
}
/**
* May be used by both SP and IDP side for getting an existing
* session given a browser initiated HTTP request.
* @param request the browser initiated HTTP request.
* @return the corresponding session object.
* @throws SessionException if an error occurred during session
* retrieval.
*/
throws SessionException {
try {
request);
return session;
throw new SessionException(ex);
}
}
/**
* May be used by both SP and IDP side to invalidate a session.
* In case of SLO with SOAP, the last two input parameters
* would have to be null
* @param session the session to be invalidated
* @param request the browser initiated HTTP request.
* @param response the HTTP response going back to browser.
* @throws SessionException if an error occurred during session
* retrieval.
*/
public void invalidateSession(
) throws SessionException {
try {
}
} catch (SSOException se) {
throw new SessionException(se);
}
}
/**
* Indicates whether the session is still valid.
* This is useful for toolkit clean-up thread.
* @param session Session object
* @return boolean value indicating whether the session
* is still valid
*/
throws SessionException {
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
/**
* The returned session ID should be unique and not
* change during the lifetime of this session.
*/
}
/**
* Returns princiapl name, or user name given the session
* object.
* @param session Session object.
* @return principal name, or user name.
* @throws SessionException if this operation causes an error.
*/
throws SessionException {
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
throws SessionException {
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
/**
* Stores a property in the session object.
* @param session the session object.
* @param name the property name.
* @param values the property values.
* @throws SessionException if setting the property causes an error.
*/
public void setProperty(
) throws SessionException {
return;
}
} else {
}
}
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
/**
* Retrieves a property from the session object.
* @param session the session object.
* @param name the property name.
* @return the property values.
* @throws SessionException if getting the property causes an error.
*/
throws SessionException {
return null;
}
}
try {
// get session property by ignoring session state
// this propperty could be retrieve when session idle timed out
// need to be able to get value without exception
} else {
}
} catch (SSOException se) {
throw new SessionException(se);
}
return null;
}
}
}
values.toLowerCase())) {
}
values.toLowerCase())) {
} else {
}
return retValues;
}
return retValues;
}
}
return returnVals;
}
/*
* Rewrites an URL with session information in case
* cookie setting is not supported.
* @param session the session object.
* @param URL the URL to be rewritten.
* @return the rewritten URL.
* @throws SessionException if rewritting the URL
* causes an error.
*/
throws SessionException {
if (urlRewriteEnabled) {
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
return URL;
}
/**
* Registers a listener for the session.
*
* @param session the session object.
* @param listener listener for the session invalidation event.
*
* @throws SessoinException if adding the listener caused an error.
*/
throws SessionException {
try {
} catch (SSOException se) {
throw new SessionException(se);
}
}
class SSOTokenListenerImpl implements SSOTokenListener {
public SSOTokenListenerImpl(
) {
}
int eventType = -1;
try {
} catch (SSOException se) {
}
}
}
}
}