
Example 6 with Session

Use of com.iplanet.dpro.session.Session in project OpenAM by OpenRock.

From the class MonitoredOperationsTest, method destroyTest.

@Test
public void destroyTest() throws SessionException {
    //given
    Session mockRequester = mock(Session.class);
    Session mockSession = mock(Session.class);
    //when
    testMoniteredOperations.destroy(mockRequester, mockSession);
    //then
    verify(mockSessionOperations, times(1)).destroy(mockRequester, mockSession);
    verify(mockStore).storeDestroyTime(anyLong(), any(SessionMonitorType.class));
}
Also used: Session (com.iplanet.dpro.session.Session), BeforeTest (org.testng.annotations.BeforeTest), Test (org.testng.annotations.Test)

Example 7 with Session

Use of com.iplanet.dpro.session.Session in project OpenAM by OpenRock.

From the class MonitoredOperationsTest, method refreshTest.

@Test
public void refreshTest() throws SessionException {
    //given
    Session mockSession = mock(Session.class);
    boolean reset = true;
    //when
    testMoniteredOperations.refresh(mockSession, reset);
    //then
    verify(mockSessionOperations).refresh(mockSession, reset);
    verify(mockStore).storeRefreshTime(anyLong(), any(SessionMonitorType.class));
}
Also used: Session (com.iplanet.dpro.session.Session), BeforeTest (org.testng.annotations.BeforeTest), Test (org.testng.annotations.Test)

Example 8 with Session

Use of com.iplanet.dpro.session.Session in project OpenAM by OpenRock.

From the class PrivilegeAuthzModule, method evaluate.

/**
 * Given the calling context and the privilege definition attempts to authorise the calling subject.
 *
 * @param context
 *         the server context
 * @param definition
 *         the privilege definition
 *
 * @return the authorisation result
 */
protected Promise<AuthorizationResult, ResourceException> evaluate(final Context context, final PrivilegeDefinition definition) {
    // If no realm is specified default to the root realm.
    final String realm = (context.containsContext(RealmContext.class)) ? context.asContext(RealmContext.class).getResolvedRealm() : "/";
    final SubjectContext subjectContext = context.asContext(SubjectContext.class);
    final UriRouterContext routerContext = context.asContext(UriRouterContext.class);
    // Map the set of actions to a set of action strings.
    final Set<String> actions = transformSet(definition.getActions(), ACTION_TO_STRING_MAPPER);
    try {
        Session callerSession = subjectContext.getCallerSession();
        if (callerSession == null) {
            // you don't have a session so return access denied
            return Promises.newResultPromise(AuthorizationResult.accessDenied("No session for request."));
        }
        final String loggedInRealm = coreWrapper.convertOrgNameToRealmName(callerSession.getClientDomain());
        final DelegationPermission permissionRequest = permissionFactory.newInstance(loggedInRealm, REST, VERSION, routerContext.getMatchedUri(), definition.getCommonVerb(), actions, Collections.<String, String>emptyMap());
        if (evaluator.isAllowed(subjectContext.getCallerSSOToken(), permissionRequest, Collections.<String, Set<String>>emptyMap()) && loggedIntoValidRealm(realm, loggedInRealm)) {
            // Authorisation has been approved.
            return Promises.newResultPromise(AuthorizationResult.accessPermitted());
        }
    } catch (DelegationException dE) {
        return new InternalServerErrorException("Attempt to authorise the user has failed", dE).asPromise();
    } catch (SSOException e) {
        //you don't have a user so return access denied
        return Promises.newResultPromise(AuthorizationResult.accessDenied("No user supplied in request."));
    }
    return Promises.newResultPromise(AuthorizationResult.accessDenied("The user has insufficient privileges"));
}
Also used: Set (java.util.Set), CollectionUtils.transformSet (org.forgerock.openam.utils.CollectionUtils.transformSet), SubjectContext (org.forgerock.openam.rest.resource.SubjectContext), UriRouterContext (org.forgerock.http.routing.UriRouterContext), InternalServerErrorException (org.forgerock.json.resource.InternalServerErrorException), DelegationException (com.sun.identity.delegation.DelegationException), SSOException (com.iplanet.sso.SSOException), DelegationPermission (com.sun.identity.delegation.DelegationPermission), Session (com.iplanet.dpro.session.Session)

Example 9 with Session

Use of com.iplanet.dpro.session.Session in project OpenAM by OpenRock.

From the class SSOProviderImpl, method createSSOToken.

/**
 * Creates a single sign on token for the <code>HttpRequest</code>
 *
 * @param request <code>HttpServletRequest</code>
 * @return single sign on token for the request
 * @throws SSOException if the single sign on token cannot be created.
 */
public SSOToken createSSOToken(HttpServletRequest request) throws SSOException {
    try {
        SessionID sid = new SessionID(request);
        Session session = sessionCache.getSession(sid);
        if (sid != null) {
            Boolean cookieMode = sid.getCookieMode();
            if (debug.messageEnabled()) {
                debug.message("cookieMode is :" + cookieMode);
            }
            if (cookieMode != null) {
                session.setCookieMode(cookieMode);
            }
        }
        if (checkIP && !isIPValid(session, ClientUtils.getClientIPAddress(request))) {
            throw new Exception(SSOProviderBundle.getString("invalidIP"));
        }
        SSOToken ssoToken = new SSOTokenImpl(session);
        return ssoToken;
    } catch (Exception e) {
        if (debug.messageEnabled()) {
            debug.message("could not create SSOToken from HttpRequest (" + e.getMessage() + ")");
        }
        throw new SSOException(e);
    }
}
Also used: SSOToken (com.iplanet.sso.SSOToken), SSOException (com.iplanet.sso.SSOException), SessionID (com.iplanet.dpro.session.SessionID), SessionException (com.iplanet.dpro.session.SessionException), Session (com.iplanet.dpro.session.Session)

Example 10 with Session

Use of com.iplanet.dpro.session.Session in project OpenAM by OpenRock.

From the class DestroyNextExpiringAction, method action.

@Override
public boolean action(InternalSession is, Map<String, Long> sessions) {
    String nextExpiringSessionID = null;
    long smallestExpTime = Long.MAX_VALUE;
    for (Map.Entry<String, Long> entry : sessions.entrySet()) {
        String sid = entry.getKey();
        long expirationTime = entry.getValue();
        if (expirationTime < smallestExpTime) {
            smallestExpTime = expirationTime;
            nextExpiringSessionID = sid;
        }
    }
    if (nextExpiringSessionID != null) {
        SessionID sessID = new SessionID(nextExpiringSessionID);
        try {
            Session s = sessionCache.getSession(sessID);
            s.destroySession(s);
        } catch (SessionException e) {
            if (debug.messageEnabled()) {
                debug.message("Failed to destroy the next " + "expiring session.", e);
            }
            // in this case
            return true;
        }
    }
    return false;
}
Also used: SessionException (com.iplanet.dpro.session.SessionException), Map (java.util.Map), SessionID (com.iplanet.dpro.session.SessionID), Session (com.iplanet.dpro.session.Session), InternalSession (com.iplanet.dpro.session.service.InternalSession)

Aggregations

Session (com.iplanet.dpro.session.Session): 31; SessionException (com.iplanet.dpro.session.SessionException): 22; SessionID (com.iplanet.dpro.session.SessionID): 13; SSOException (com.iplanet.sso.SSOException): 7; Test (org.testng.annotations.Test): 7; Map (java.util.Map): 5; InternalSession (com.iplanet.dpro.session.service.InternalSession): 4; BeforeTest (org.testng.annotations.BeforeTest): 4; SSOToken (com.iplanet.sso.SSOToken): 3; SearchResults (com.sun.identity.common.SearchResults): 3; AMConsoleException (com.sun.identity.console.base.model.AMConsoleException): 3; HashMap (java.util.HashMap): 3; StatelessSession (org.forgerock.openam.sso.providers.stateless.StatelessSession): 3; URL (java.net.URL): 2; Iterator (java.util.Iterator): 2; SessionEvent (com.iplanet.dpro.session.SessionEvent): 1; TokenRestriction (com.iplanet.dpro.session.TokenRestriction): 1; SessionService (com.iplanet.dpro.session.service.SessionService): 1; SessionInfo (com.iplanet.dpro.session.share.SessionInfo): 1; SessionResponse (com.iplanet.dpro.session.share.SessionResponse): 1