Search in sources :

Example 6 with SessionException

use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.

the class SessionResponseParser method parseXML.

/**
     * Parses the session reponse element. Please see file
     * <code>SessionResponse.dtd</code> for the corresponding DTD of the
     * SessionResponse.
     * 
     * @return a <code>SessionResponse</code> object.
     */
public SessionResponse parseXML() throws SessionException {
    if (document == null) {
        return null;
    }
    // get document element
    Element elem = document.getDocumentElement();
    sessionResponse = new SessionResponse();
    // set session response attribute
    String temp = elem.getAttribute("vers");
    sessionResponse.setResponseVersion(temp);
    // set session reqid
    temp = elem.getAttribute("reqid");
    sessionResponse.setRequestID(temp);
    // check GetSession element
    NodeList nodelist = elem.getElementsByTagName("GetSession");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.GetSession);
    }
    // check GetActiveSessions element
    nodelist = elem.getElementsByTagName("GetActiveSessions");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.GetValidSessions);
    }
    // check DestroySession element
    nodelist = elem.getElementsByTagName("DestroySession");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.DestroySession);
    }
    // check Logout element
    nodelist = elem.getElementsByTagName("Logout");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.Logout);
    }
    // check AddSessionListener element
    nodelist = elem.getElementsByTagName("AddSessionListener");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.AddSessionListener);
    }
    // check AddSessionListenerOnAllSessions element
    nodelist = elem.getElementsByTagName("AddSessionListenerOnAllSessions");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.AddSessionListenerOnAllSessions);
    }
    // check SetProperty element
    nodelist = elem.getElementsByTagName("SetProperty");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.SetProperty);
    }
    // check GetSessionCount element
    nodelist = elem.getElementsByTagName("GetSessionCount");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setMethodID(SessionRequest.GetSessionCount);
    }
    // check COUNT element
    nodelist = elem.getElementsByTagName("SessionExpirationTimeInfo");
    if (nodelist != null && nodelist.getLength() != 0) {
        parseAllSessionsGivenUUIDElements(nodelist);
    }
    // check Session element
    nodelist = elem.getElementsByTagName("Session");
    if (nodelist != null && nodelist.getLength() != 0) {
        parseSessionElements(nodelist);
    }
    // check OK element
    nodelist = elem.getElementsByTagName("OK");
    if (nodelist != null && nodelist.getLength() != 0) {
        sessionResponse.setBooleanFlag(true);
    }
    // check Exception element
    nodelist = elem.getElementsByTagName("Exception");
    if (nodelist != null && nodelist.getLength() != 0) {
        Element exception = (Element) nodelist.item(0);
        sessionResponse.setException(SessionRequestParser.parseCDATA(exception));
    }
    // check Status element
    nodelist = elem.getElementsByTagName("Status");
    if (nodelist != null && nodelist.getLength() != 0) {
        String status = SessionRequestParser.parseCDATA((Element) nodelist.item(0));
        try {
            sessionResponse.setStatus(Integer.parseInt(status));
        } catch (NumberFormatException e) {
            SessionRequestParser.debug.error("SessionResponseParse : ", e);
            throw new SessionException(e.getMessage());
        }
    }
    // return session reponse
    return sessionResponse;
}
Also used : Element(org.w3c.dom.Element) NodeList(org.w3c.dom.NodeList) SessionException(com.iplanet.dpro.session.SessionException)

Example 7 with SessionException

use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.

the class SessionInfoFactory method makeSessionInfo.

/**
     * Generates a SessionInfo object from the given InternalSession.
     *
     * @param internalSession Non null InternalSession to use.
     * @param sid Session ID for the user performing the action.
     * @return A non null SessionInfo instance if valid.
     *
     * @throws SessionException If there was an error storing the TokenRestriction on the SessionInfo.
     *
     * @throws IllegalAccessException If this method has not been called in-conjunction with
     * SessionInfoFactory#validateSession
     */
public SessionInfo makeSessionInfo(InternalSession internalSession, SessionID sid) throws SessionException {
    SessionInfo info = internalSession.toSessionInfo();
    TokenRestriction restriction = internalSession.getRestrictionForToken(sid);
    if (restriction != null) {
        try {
            info.getProperties().put(TOKEN_RESTRICTION_PROP, TokenRestrictionFactory.marshal(restriction));
        } catch (Exception e) {
            throw new SessionException(e);
        }
    } else if (!sid.equals(internalSession.getID())) {
        throw new IllegalArgumentException("Session id mismatch");
    }
    // replace master sid with the sid from the request (either master or
    // restricted) in order not to leak the master sid
    info.setSessionID(sid.toString());
    return info;
}
Also used : TokenRestriction(com.iplanet.dpro.session.TokenRestriction) SessionInfo(com.iplanet.dpro.session.share.SessionInfo) SessionException(com.iplanet.dpro.session.SessionException) SessionTimedOutException(com.iplanet.dpro.session.SessionTimedOutException) SessionException(com.iplanet.dpro.session.SessionException)

Example 8 with SessionException

use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.

the class SessionCount method getSessionResponse.

private static SessionResponse getSessionResponse(URL svcurl, SessionRequest sreq) throws SessionException {
    try {
        Object context = RestrictedTokenContext.getCurrent();
        if (context != null) {
            sreq.setRequester(RestrictedTokenContext.marshal(context));
        }
        SessionResponse sres = sessionPLLSender.sendPLLRequest(svcurl, sreq);
        if (sres.getException() != null) {
            throw new SessionException(sres.getException());
        }
        return sres;
    } catch (SessionException se) {
        throw se;
    } catch (Exception e) {
        throw new SessionException(e);
    }
}
Also used : SessionException(com.iplanet.dpro.session.SessionException) SessionResponse(com.iplanet.dpro.session.share.SessionResponse) SessionException(com.iplanet.dpro.session.SessionException)

Example 9 with SessionException

use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.

the class AuthUtils method getAuthContext.

/**
     * Returns the authentication context for a request.
     *
     * @param request HTTP Servlet Request.
     * @param response HTTP Servlet Response.
     * @param sid SessionID for this request.
     * @param isSessionUpgrade <code>true</code> if session upgrade.
     * @param isBackPost <code>true</code> if back posting.
     * @param isLogout <code>true</code> for logout.
     * @return authentication context.
     */
public static AuthContextLocal getAuthContext(HttpServletRequest request, HttpServletResponse response, SessionID sid, boolean isSessionUpgrade, boolean isBackPost, boolean isLogout) throws AuthException {
    utilDebug.message("In AuthUtils:getAuthContext");
    Hashtable dataHash;
    AuthContextLocal authContext = null;
    LoginState loginState = null;
    // initialize auth service.
    AuthD ad = AuthD.getAuth();
    try {
        dataHash = parseRequestParameters(request);
        authContext = retrieveAuthContext(request, sid);
        if (utilDebug.messageEnabled()) {
            utilDebug.message("AuthUtil:getAuthContext:sid is.. .: " + sid);
            utilDebug.message("AuthUtil:getAuthContext:authContext is..: " + authContext);
        }
        if (!sid.isNull() && authContext == null && !isSessionUpgrade) {
            String authCookieValue = getAuthCookieValue(request);
            if ((authCookieValue != null) && (!authCookieValue.isEmpty()) && (!authCookieValue.equalsIgnoreCase("LOGOUT"))) {
                String cookieURL = null;
                try {
                    SessionID sessionID = new SessionID(authCookieValue);
                    URL sessionServerURL = SESSION_SERVICE_URL_SERVICE.getSessionServiceURL(sessionID);
                    cookieURL = sessionServerURL.getProtocol() + "://" + sessionServerURL.getHost() + ":" + Integer.toString(sessionServerURL.getPort()) + serviceURI;
                } catch (SessionException e) {
                    if (utilDebug.messageEnabled()) {
                        utilDebug.message("AuthUtils:getAuthContext():" + e.toString());
                    }
                }
                if (utilDebug.messageEnabled()) {
                    utilDebug.message("AuthUtils:getAuthContext():" + "cookieURL : " + cookieURL);
                }
                if ((cookieURL != null) && (!cookieURL.isEmpty()) && (isLocalServer(cookieURL, true))) {
                    utilDebug.error("AuthUtils:getAuthContext(): " + "Invalid Session Timed out");
                    clearAllCookies(request, response);
                    throw new AuthException(AMAuthErrorCode.AUTH_TIMEOUT, null);
                }
            }
        }
        if (utilDebug.messageEnabled()) {
            utilDebug.message("isSessionUpgrade  :" + isSessionUpgrade);
            utilDebug.message("BACK with Request method POST : " + isBackPost);
        }
        if ((authContext == null) && (isLogout)) {
            return null;
        }
        if ((authContext == null) || (isSessionUpgrade) || (isBackPost)) {
            try {
                loginState = new LoginState();
                InternalSession oldSession = null;
                if (sid != null) {
                    oldSession = AuthD.getSession(sid);
                    loginState.setOldSession(oldSession);
                }
                if (isSessionUpgrade) {
                    loginState.setOldSession(oldSession);
                    loginState.setSessionUpgrade(isSessionUpgrade);
                } else if (isBackPost) {
                    loginState.setOldSession(oldSession);
                }
                authContext = loginState.createAuthContext(request, response, sid, dataHash);
                loginState.setForceAuth(Boolean.parseBoolean(request.getParameter(FORCE_AUTH)));
                authContext.setLoginState(loginState);
                String queryOrg = getQueryOrgName(request, getOrgParam(dataHash));
                if (utilDebug.messageEnabled()) {
                    utilDebug.message("query org is .. : " + queryOrg);
                }
                loginState.setQueryOrg(queryOrg);
            } catch (AuthException ae) {
                utilDebug.message("Error creating AuthContextLocal : ");
                if (utilDebug.messageEnabled()) {
                    utilDebug.message("Exception ", ae);
                }
                throw new AuthException(ae);
            }
        } else {
            utilDebug.message("getAuthContext: found existing request.");
            authContext = processAuthContext(authContext, request, response, dataHash, sid);
            loginState = getLoginState(authContext);
            loginState.setNewRequest(false);
        }
    } catch (Exception ee) {
        if (utilDebug.messageEnabled()) {
            utilDebug.message("Error creating AuthContextLocal : " + ee.getMessage());
        }
        throw new AuthException(ee);
    }
    return authContext;
}
Also used : Hashtable(java.util.Hashtable) InternalSession(com.iplanet.dpro.session.service.InternalSession) SessionException(com.iplanet.dpro.session.SessionException) SessionID(com.iplanet.dpro.session.SessionID) URL(java.net.URL) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) SMSException(com.sun.identity.sm.SMSException) SessionException(com.iplanet.dpro.session.SessionException) AuthContextLocal(com.sun.identity.authentication.server.AuthContextLocal)

Example 10 with SessionException

use of com.iplanet.dpro.session.SessionException in project OpenAM by OpenRock.

the class StatelessSessionActivator method activateSession.

@Override
public boolean activateSession(final LoginState loginState, final SessionService sessionService, final InternalSession authSession, final Subject subject, final Object loginContext) throws AuthException {
    if (loginState.getForceFlag()) {
        if (DEBUG.messageEnabled()) {
            DEBUG.message("Cannot force auth stateless sessions.");
        }
        throw new AuthException(AMAuthErrorCode.STATELESS_FORCE_FAILED, null);
    }
    if (loginState.isSessionUpgrade()) {
        //set our old session -- necessary as if the currently owned token is stateless this won't be set
        SessionID sid = new SessionID(loginState.getHttpServletRequest());
        try {
            SessionInfo info = getStatelessSessionFactory().getSessionInfo(sid);
            oldSession = getStatelessSessionFactory().generate(info);
            loginState.setOldStatelessSession(oldSession);
        } catch (SessionException e) {
            throw new AuthException(AMAuthErrorCode.SESSION_UPGRADE_FAILED, null);
        }
    }
    //create our new session - the loginState needs this session as it's the one we'll be passing back to the user
    final InternalSession session = createSession(sessionService, loginState);
    loginState.setSession(session);
    return updateSessions(session, loginState, session, authSession, sessionService, subject, loginContext);
}
Also used : InternalSession(com.iplanet.dpro.session.service.InternalSession) SessionInfo(com.iplanet.dpro.session.share.SessionInfo) SessionException(com.iplanet.dpro.session.SessionException) SessionID(com.iplanet.dpro.session.SessionID)

Aggregations

SessionException (com.iplanet.dpro.session.SessionException)60 SessionID (com.iplanet.dpro.session.SessionID)22 Session (com.iplanet.dpro.session.Session)18 SSOException (com.iplanet.sso.SSOException)15 SessionResponse (com.iplanet.dpro.session.share.SessionResponse)9 SessionInfo (com.iplanet.dpro.session.share.SessionInfo)8 URL (java.net.URL)8 Map (java.util.Map)7 Test (org.testng.annotations.Test)7 InternalSession (com.iplanet.dpro.session.service.InternalSession)6 SessionRequest (com.iplanet.dpro.session.share.SessionRequest)6 IdRepoException (com.sun.identity.idm.IdRepoException)6 CoreTokenException (org.forgerock.openam.cts.exceptions.CoreTokenException)6 DelegationException (com.sun.identity.delegation.DelegationException)5 InterruptedIOException (java.io.InterruptedIOException)5 ConnectException (java.net.ConnectException)5 HashSet (java.util.HashSet)5 Set (java.util.Set)5 TokenRestriction (com.iplanet.dpro.session.TokenRestriction)4 SSOToken (com.iplanet.sso.SSOToken)4