
Example 56 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class AuthXMLHandler method postProcess.

/*
     * reset the auth identifier, in case a status change(auth succeeds)
     * will cause sid change from that of HttpSession to InternalSession.
     */
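private void postProcess(LoginState loginState, AuthXMLResponse authResponse) {
    // Copies the session identifier currently held by loginState into the
    // response as its auth identifier. A missing SessionID is passed on as null.
    SessionID sid = loginState.getSid();
    String sidString = null;
    if (sid != null) {
        sidString = sid.toString();
    }
    if (messageEnabled) {
        // The value identifies the authenticated session, so anyone able to read
        // the debug log could replay it. Record only whether an identifier was
        // found, never the identifier itself.
        debug.message("sidString is.. : " + (sidString == null ? "null" : "[redacted]"));
    }
    authResponse.setAuthIdentifier(sidString);
}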
Also used : SessionID(com.iplanet.dpro.session.SessionID)

Example 57 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class StatelessSessionFactory method isValidJwt.

/**
     * @param tokenId Possibly null, empty, or timed out JWT.
     * @return True if the TokenID JWT represents a valid SessionInfo which has not timed out.
     */
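private boolean isValidJwt(String tokenId) {
    // Rejects absent tokens up front, then rebuilds the StatelessSession either
    // from the cached SessionInfo or from the token itself, and accepts it only
    // while getTimeLeft() is non-negative.
    if (StringUtils.isEmpty(tokenId)) {
        return false;
    }
    try {
        StatelessSession statelessSession;
        if (cache.contains(tokenId)) {
            /*
             * NB: We cannot use the JWTCache to map in the reverse direction (SessionInfo-JWT)
             * because the SessionInfo object can change contents, but remain the same reference
             * in the cache. Therefore the only way to maintain consistent state is to generate
             * the JWT from the SessionInfo each time.
             *
             * We can re-evaluate this if it becomes a hot-spot.
             */
            // NOTE(review): contains() and getSessionInfo() are separate calls; whether the
            // cache can drop the entry in between is not visible here - confirm.
            statelessSession = generate(cache.getSessionInfo(tokenId));
        } else {
            SessionID sessionID = new SessionID(tokenId);
            // NOTE(review): whether containsJwt()/generate() verify the JWT's signature is
            // not visible in this method - confirm before treating "true" as authenticated.
            if (!containsJwt(sessionID)) {
                return false;
            }
            statelessSession = generate(sessionID);
        }
        return statelessSession.getTimeLeft() >= 0;
    } catch (SessionException e) {
        // tokenId is caller-supplied text and, when genuine, is the complete session
        // token; a SessionException does not prove the token is unusable elsewhere.
        // Keep it out of the log and report only the failure and its cause.
        debug.message("Failed to validate JWT", e);
        return false;
    }
}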
Also used : SessionException(com.iplanet.dpro.session.SessionException) SessionID(com.iplanet.dpro.session.SessionID)

Example 58 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class SessionCache method removeRemoteSID.

/**
     * Wrapper method for {@link #removeSID} only to be called when receiving notification of session
     * destruction from the home server.
     *
     * This method should only be called when the identified session has another instance
     * of OpenAM as its home server.
     *
     * @param info Current state of session on home server
     */
public void removeRemoteSID(SessionInfo info) {
    // Handles a destruction notice for a session homed on another server: when a
    // purge delay is configured the session is kept (or created) locally and
    // scheduled for purging, and in every case removeSID() is called at the end.
    // NOTE(review): nothing in this method checks where the notification came
    // from; it relies on the caller having established that - confirm.
    final SessionID remoteId = new SessionID(info.getSessionID());
    final long delayMinutes = getPurgeDelayForReducedCrosstalk();
    if (delayMinutes > 0) {
        Session tracked = readSession(remoteId);
        if (tracked == null) {
            // Reduced crosstalk protection: the session was never loaded here, so
            // create it and store it so that it can stay around until it is purged.
            tracked = new Session(remoteId);
            try {
                tracked.update(info);
                writeSession(tracked);
            } catch (SessionException e) {
                // Best effort: the session is still scheduled for purging below
                // even though it could not be updated and stored.
                debug.error("Exception reading remote SessionInfo", e);
            }
        }
        // The delay is multiplied by 60 * 1000, i.e. converted from minutes to milliseconds.
        final long delayMillis = delayMinutes * 60 * 1000;
        tracked.setPurgeAt(System.currentTimeMillis() + delayMillis);
        // Cancel first, then schedule only if the session reports it is no longer scheduled.
        tracked.cancel();
        if (tracked.isScheduled()) {
            debug.error("Unable to schedule destroyed session for purging");
        } else {
            SystemTimerPool.getTimerPool().schedule(tracked, new Date(tracked.getPurgeAt()));
        }
    }
    removeSID(remoteId);
}
Also used : SessionException(com.iplanet.dpro.session.SessionException) SessionID(com.iplanet.dpro.session.SessionID) Date(java.util.Date) Session(com.iplanet.dpro.session.Session)

Example 59 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class SessionCache method removeLocalSID.

/**
     * Wrapper method for {@link #removeSID} only to be called when receiving notification of session
     * destruction that has this server as its home server.
     *
     * @param info Current state of session
     */
public void removeLocalSID(SessionInfo info) {
    // Builds the SessionID from the identifier carried in info and hands it
    // straight to removeSID(); no purge delay is applied on this path.
    removeSID(new SessionID(info.getSessionID()));
}
Also used : SessionID(com.iplanet.dpro.session.SessionID)

Example 60 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class DestroyAllAction method action.

@Override
public boolean action(InternalSession is, Map sessions) {
    // Destroys every session whose id is a key of the given map. Returns false
    // when all of them were destroyed, and true as soon as one lookup or destroy
    // fails, in which case the remaining ids are left untouched.
    // The map is raw, so this assignment is unchecked; keys are assumed to be
    // session id strings - TODO confirm against callers.
    Set<String> sessionKeys = sessions.keySet();
    // NOTE(review): size() is read before the lock on the map is taken below.
    debug.message("there are " + sessionKeys.size() + " sessions");
    synchronized (sessions) {
        for (String key : sessionKeys) {
            SessionID target = new SessionID(key);
            try {
                Session victim = sessionCache.getSession(target);
                victim.destroySession(victim);
                debug.message("Destroy sid " + target);
            } catch (SessionException se) {
                if (debug.messageEnabled()) {
                    debug.message("Failed to destroy the next expiring session.", se);
                }
                // Stop at the first failure and report it to the caller.
                return true;
            }
        }
    }
    return false;
}
Also used : SessionException(com.iplanet.dpro.session.SessionException) SessionID(com.iplanet.dpro.session.SessionID) Session(com.iplanet.dpro.session.Session) InternalSession(com.iplanet.dpro.session.service.InternalSession)

Aggregations

SessionID (com.iplanet.dpro.session.SessionID)105 Test (org.testng.annotations.Test)44 SessionException (com.iplanet.dpro.session.SessionException)31 SSOToken (com.iplanet.sso.SSOToken)23 InternalSession (com.iplanet.dpro.session.service.InternalSession)18 SSOException (com.iplanet.sso.SSOException)18 AuthContextLocalWrapper (org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper)17 HttpServletResponse (javax.servlet.http.HttpServletResponse)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)15 Session (com.iplanet.dpro.session.Session)14 URL (java.net.URL)9 Map (java.util.Map)9 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)8 IOException (java.io.IOException)5 HashMap (java.util.HashMap)5 SMSException (com.sun.identity.sm.SMSException)4 Token (org.forgerock.openam.cts.api.tokens.Token)4 SessionIDExtensions (com.iplanet.dpro.session.SessionIDExtensions)3 TokenRestriction (com.iplanet.dpro.session.TokenRestriction)3 SessionInfo (com.iplanet.dpro.session.share.SessionInfo)3