
Example 16 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class AuthXMLHandler method postProcess.

/*
     * Reset the auth identifier, in case a status change (authentication succeeding)
     * causes the sid to change from that of the HttpSession to that of the InternalSession.
     */
private void postProcess(LoginState loginState, AuthXMLResponse authResponse) {
    // Read the session id the login state holds right now; it may be absent,
    // in which case the response's auth identifier is set to null.
    final SessionID currentSid = loginState.getSid();
    final String authIdentifier = (currentSid == null) ? null : currentSid.toString();
    if (messageEnabled) {
        // NOTE(review): this writes the session identifier string to the debug
        // log whenever message-level debugging is on, so anyone able to read
        // that log sees the same value that is returned as the auth identifier.
        // Treat the debug log as sensitive, or log a truncated/hashed form.
        debug.message("sidString is.. : " + authIdentifier);
    }
    authResponse.setAuthIdentifier(authIdentifier);
}
Also used : SessionID(com.iplanet.dpro.session.SessionID)

Example 17 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class AuthIdHelperTest method shouldCreateAuthIdIncludingAuthIndexTypeAndValue.

/**
 * Checks that createAuthId, given a login configuration with a SERVICE index
 * type and an index value, asks for HS256 as the JWS algorithm, adds an "otk"
 * claim, and passes a claims map holding realm, sessionId, authIndexType and
 * authIndexValue.
 *
 * NOTE(review): the test pins that the session id is placed in the claims map.
 * A signed JWS protects integrity only, not confidentiality; whether the auth id
 * is additionally encrypted is not visible here - confirm before treating the
 * "sessionId" claim as hidden from whoever receives the auth id.
 */
@Test
public void shouldCreateAuthIdIncludingAuthIndexTypeAndValue() throws SignatureException, SMSException, SSOException, RestAuthException {
    // Given: a mocked configuration and auth context with fixed realm, session id and index
    final LoginConfiguration config = mock(LoginConfiguration.class);
    final AuthContextLocalWrapper context = mock(AuthContextLocalWrapper.class);
    given(context.getOrgDN()).willReturn("ORG_DN");
    given(context.getSessionID()).willReturn(new SessionID("SESSION_ID"));
    given(config.getIndexType()).willReturn(AuthIndexType.SERVICE);
    given(config.getIndexValue()).willReturn("INDEX_VALUE");
    mockGetSigningKey("ORG_DN", false);

    // When: the auth id is created
    final String createdAuthId = authIdHelper.createAuthId(config, context);

    // Then: an id is returned, signed with HS256 and carrying the one-time key claim
    assertNotNull(createdAuthId);
    verify(jwsHeaderBuilder).alg(JwsAlgorithm.HS256);
    verify(claimsSetBuilder).claim(eq("otk"), anyString());

    // Capture the map handed to the claims builder and inspect its content.
    final ArgumentCaptor<Map> claimsCaptor = ArgumentCaptor.forClass(Map.class);
    verify(claimsSetBuilder).claims(claimsCaptor.capture());
    final Map capturedClaims = claimsCaptor.getValue();

    assertTrue(capturedClaims.containsKey("realm"));
    assertTrue(capturedClaims.containsValue("ORG_DN"));
    assertTrue(capturedClaims.containsKey("sessionId"));
    assertTrue(capturedClaims.containsValue("SESSION_ID"));
    assertTrue(capturedClaims.containsKey("authIndexType"));
    assertTrue(capturedClaims.containsValue(AuthIndexType.SERVICE.getIndexType().toString()));
    assertTrue(capturedClaims.containsKey("authIndexValue"));
    assertTrue(capturedClaims.containsValue("INDEX_VALUE"));
}
Also used : LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) SessionID(com.iplanet.dpro.session.SessionID) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.testng.annotations.Test)

Example 18 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class AuthIdHelperTest method shouldCreateAuthId.

/**
 * Checks that createAuthId, given a login configuration with index type NONE
 * and no index value, asks for HS256 as the JWS algorithm, adds an "otk" claim,
 * and passes a claims map that holds realm and sessionId but neither
 * authIndexType nor authIndexValue.
 *
 * NOTE(review): the test pins that the session id is placed in the claims map.
 * A signed JWS protects integrity only, not confidentiality; whether the auth id
 * is additionally encrypted is not visible here - confirm before treating the
 * "sessionId" claim as hidden from whoever receives the auth id.
 */
@Test
public void shouldCreateAuthId() throws SignatureException, SMSException, SSOException, RestAuthException {
    // Given: a mocked configuration without an auth index, and a fixed realm and session id
    final LoginConfiguration config = mock(LoginConfiguration.class);
    final AuthContextLocalWrapper context = mock(AuthContextLocalWrapper.class);
    given(context.getOrgDN()).willReturn("ORG_DN");
    given(context.getSessionID()).willReturn(new SessionID("SESSION_ID"));
    given(config.getIndexType()).willReturn(AuthIndexType.NONE);
    given(config.getIndexValue()).willReturn(null);
    mockGetSigningKey("ORG_DN", false);

    // When: the auth id is created
    final String createdAuthId = authIdHelper.createAuthId(config, context);

    // Then: an id is returned, signed with HS256 and carrying the one-time key claim
    assertNotNull(createdAuthId);
    verify(jwsHeaderBuilder).alg(JwsAlgorithm.HS256);
    verify(claimsSetBuilder).claim(eq("otk"), anyString());

    // Capture the map handed to the claims builder and inspect its content.
    final ArgumentCaptor<Map> claimsCaptor = ArgumentCaptor.forClass(Map.class);
    verify(claimsSetBuilder).claims(claimsCaptor.capture());
    final Map capturedClaims = claimsCaptor.getValue();

    assertTrue(capturedClaims.containsKey("realm"));
    assertTrue(capturedClaims.containsValue("ORG_DN"));
    assertTrue(capturedClaims.containsKey("sessionId"));
    assertTrue(capturedClaims.containsValue("SESSION_ID"));
    // With no auth index configured, the index claims must be absent.
    assertFalse(capturedClaims.containsKey("authIndexType"));
    assertFalse(capturedClaims.containsKey("authIndexValue"));
}
Also used : LoginConfiguration(org.forgerock.openam.core.rest.authn.core.LoginConfiguration) AuthContextLocalWrapper(org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper) SessionID(com.iplanet.dpro.session.SessionID) HashMap(java.util.HashMap) Map(java.util.Map) Test(org.testng.annotations.Test)

Example 19 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class GetHttpSession method doGet.

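/**
 * Dispatches a session-maintenance request according to its operation parameter:
 * recover, save, create, invalidate, release, get-restricted-token or
 * dereference-restricted-token-id.
 *
 * The only access check visible in this method is {@code validateRequest}; a
 * request that fails it gets 403 and nothing else is done. Every operation
 * below acts on caller-supplied session identifiers, so the strength of that
 * check decides who can create, release or dereference sessions.
 * NOTE(review): validateRequest's logic is not shown here - confirm it
 * authenticates the calling peer rather than only checking request shape.
 *
 * NOTE(review): several debug messages below include session ids, restricted
 * tokens or the master session id in clear; with message-level debugging on,
 * the debug log has to be protected like the session store itself.
 *
 * @param request  the incoming request; the operation, the session id and
 *                 (for create) the domain are read from it
 * @param response receives the status code and, for some operations, a
 *                 UTF-encoded string written through a DataOutputStream
 * @throws IOException if reading the request or writing the response fails
 *                     outside the branches that catch exceptions themselves
 */
public void doGet(HttpServletRequest request, HttpServletResponse response) throws IOException {
    if (!validateRequest(request)) {
        response.setStatus(HttpServletResponse.SC_FORBIDDEN);
        return;
    }
    String op = request.getParameter(OP);
    if (op == null) {
        // A request without the operation parameter would otherwise fail with a
        // NullPointerException on the first op.equals(...) below (unless
        // validateRequest already rejects it, which is not visible here).
        // Handle it the same way as an unrecognised operation.
        sessionDebug.error("GetHttpSession: unknown operation requested");
        response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
        return;
    }
    if (op.equals(RECOVER_OP)) {
        // Only an already existing HttpSession is used; none is created here.
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.recover: Old HttpSession is obtained");
            }
            SessionID sid = new SessionID(request);
            if (!sid.isNull()) {
                sessionService.retrieveSession(sid, httpSession);
            }
        } else {
            sessionDebug.error("GetHttpSession.recover: Old  HttpSession is not obtained");
        }
    } else if (op.equals(SAVE_OP)) {
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.save: HttpSession is obtained");
            }
            SessionID sid = new SessionID(request);
            // When the request carries no session id, no status is set explicitly.
            if (!sid.isNull()) {
                int status = sessionService.handleSaveSession(sid, httpSession);
                response.setStatus(status);
            }
        } else {
            sessionDebug.error("GetHttpSession.save: HttpSession is not obtained");
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        }
    } else if (op.equals(CREATE_OP)) {
        HttpSession httpSession = request.getSession(true);
        // NOTE(review): the domain comes straight from a request parameter (it
        // may be null or arbitrary) and is handed to newInternalSession as is;
        // confirm it is validated there or by validateRequest.
        String domain = request.getParameter(DOMAIN);
        InternalSession is = sessionService.newInternalSession(domain, httpSession, false);
        if (sessionDebug.messageEnabled()) {
            // Logs the id of the newly created session.
            sessionDebug.message("GetHttpSession.create: Created new session=" + is.getID());
        }
        // The new session id is returned to the caller in the response body.
        DataOutputStream out = new DataOutputStream(response.getOutputStream());
        out.writeUTF(is.getID().toString());
        out.flush();
        out.close();
    } else if (op.equals(INVALIDATE_OP)) {
        HttpSession httpSession = request.getSession(false);
        if (httpSession != null) {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.invalidate: HttpSession is obtained");
            }
            try {
                httpSession.invalidate();
            } catch (IllegalStateException ise) {
                // Deliberately best-effort: the session was already invalidated.
                if (sessionDebug.messageEnabled()) {
                    sessionDebug.message("Exception:invalidateSession: the web containers session timeout could be " + "shorter than the OpenSSO session timeout", ise);
                }
            }
        } else {
            if (sessionDebug.warningEnabled()) {
                sessionDebug.warning("GetHttpSession.invalidate: session is not obtained");
            }
        }
    } else if (op.equals(RELEASE_OP)) {
        SessionID sid = new SessionID(request);
        if (!sid.isNull()) {
            if (sessionDebug.messageEnabled()) {
                // Logs the session id being released.
                sessionDebug.message("GetHttpSession.release: releasing session=" + sid);
            }
            int status = sessionService.handleReleaseSession(sid);
            response.setStatus(status);
        } else {
            if (sessionDebug.messageEnabled()) {
                sessionDebug.message("GetHttpSession.release: missing session id");
            }
        }
    } else if (op.equals(GET_RESTRICTED_TOKEN_OP)) {
        DataInputStream in = null;
        DataOutputStream out = null;
        SessionID sid = new SessionID(request);
        try {
            // The token restriction is unmarshalled from the request body,
            // i.e. from caller-supplied data.
            in = new DataInputStream(request.getInputStream());
            TokenRestriction restriction = TokenRestrictionFactory.unmarshal(in.readUTF());
            String token = sessionService.handleGetRestrictedTokenIdRemotely(sid, restriction);
            if (token != null) {
                if (sessionDebug.messageEnabled()) {
                    // Logs the restricted token that is about to be returned.
                    sessionDebug.message("GetHttpSession.get_restricted_token: Created new session=" + token);
                }
                response.setStatus(HttpServletResponse.SC_OK);
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF(token);
                out.flush();
            } else {
                sessionDebug.error("GetHttpSession.get_restricted_token: failed to create token");
                response.setStatus(HttpServletResponse.SC_NOT_FOUND);
            }
        } catch (Exception ex) {
            // Any failure, including a malformed body, is reported as 404.
            sessionDebug.error("GetHttpSession.get_restricted_token: exception occured while create token", ex);
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        } finally {
            IOUtils.closeIfNotNull(in);
            IOUtils.closeIfNotNull(out);
        }
    } else if (op.equals(DEREFERENCE_RESTRICTED_TOKEN_ID)) {
        DataInputStream in = null;
        DataOutputStream out = null;
        // Here the session id is taken from the AM cookie rather than built
        // from the request; a value containing '%' is URL-decoded first.
        String cookieValue = CookieUtils.getCookieValueFromReq(request, CookieUtils.getAmCookieName());
        if ((cookieValue != null) && (cookieValue.indexOf("%") != -1)) {
            cookieValue = URLEncDec.decode(cookieValue);
        }
        // NOTE(review): cookieValue can still be null at this point; how the
        // SessionID constructor treats null is not visible here - confirm.
        SessionID sid = new SessionID(cookieValue);
        try {
            in = new DataInputStream(request.getInputStream());
            String restrictedID = in.readUTF();
            try {
                String masterSID = sessionService.deferenceRestrictedID(sessionCache.getSession(sid), restrictedID);
                response.setStatus(HttpServletResponse.SC_OK);
                // The master session id is returned to the caller in the response body.
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF(masterSID);
                out.flush();
                if (sessionDebug.messageEnabled()) {
                    // Logs the master session id.
                    sessionDebug.message("GetHttpSession.dereference_restricted_token_id: master sid=" + masterSID);
                }
            } catch (SessionException se) {
                // A failed lookup is still answered with 200; the body "ERROR"
                // is what tells the caller that no master sid was found.
                sessionDebug.message("GetHttpSession.dereference_restricted_token_id: unable to find master sid", se);
                response.setStatus(HttpServletResponse.SC_OK);
                out = new DataOutputStream(response.getOutputStream());
                out.writeUTF("ERROR");
                out.flush();
            }
        } catch (Exception ex) {
            sessionDebug.error("GetHttpSession.dereference_restricted_token_id: exception occured while finding master sid", ex);
            response.setStatus(HttpServletResponse.SC_NOT_FOUND);
        } finally {
            IOUtils.closeIfNotNull(in);
            IOUtils.closeIfNotNull(out);
        }
    } else {
        sessionDebug.error("GetHttpSession: unknown operation requested");
        response.setStatus(HttpServletResponse.SC_NOT_IMPLEMENTED);
    }
}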
Also used : TokenRestriction(com.iplanet.dpro.session.TokenRestriction) HttpSession(javax.servlet.http.HttpSession) DataOutputStream(java.io.DataOutputStream) SessionException(com.iplanet.dpro.session.SessionException) DataInputStream(java.io.DataInputStream) SessionID(com.iplanet.dpro.session.SessionID) IOException(java.io.IOException) SessionException(com.iplanet.dpro.session.SessionException)

Example 20 with SessionID

use of com.iplanet.dpro.session.SessionID in project OpenAM by OpenRock.

the class InternalSession method setRestrictedTokensBySid.

/**
     * This setter method is used by the JSON serialization mechanism and should not be used for other purposes.
     *
     * @param restrictedTokensBySid The deserialized map of sid&lt;->restricted tokens that should be stored in a
     * ConcurrentHashMap.
     */
@JsonSetter
private void setRestrictedTokensBySid(ConcurrentMap<SessionID, TokenRestriction> restrictedTokensBySid) {
    // Copy entry by entry instead of replacing the field, so that the reverse
    // index (restriction -> sid) is filled from the same data as the forward
    // index (sid -> restriction) and the two stay in step.
    for (final Map.Entry<SessionID, TokenRestriction> mapping : restrictedTokensBySid.entrySet()) {
        final SessionID restrictedSid = mapping.getKey();
        final TokenRestriction tokenRestriction = mapping.getValue();
        this.restrictedTokensBySid.put(restrictedSid, tokenRestriction);
        this.restrictedTokensByRestriction.put(tokenRestriction, restrictedSid);
    }
}
Also used : TokenRestriction(com.iplanet.dpro.session.TokenRestriction) HashMap(java.util.HashMap) ConcurrentMap(java.util.concurrent.ConcurrentMap) Map(java.util.Map) ConcurrentHashMap(java.util.concurrent.ConcurrentHashMap) SessionID(com.iplanet.dpro.session.SessionID) JsonSetter(com.fasterxml.jackson.annotation.JsonSetter)

Aggregations

SessionID (com.iplanet.dpro.session.SessionID)105 Test (org.testng.annotations.Test)44 SessionException (com.iplanet.dpro.session.SessionException)31 SSOToken (com.iplanet.sso.SSOToken)23 InternalSession (com.iplanet.dpro.session.service.InternalSession)18 SSOException (com.iplanet.sso.SSOException)18 AuthContextLocalWrapper (org.forgerock.openam.core.rest.authn.core.wrappers.AuthContextLocalWrapper)17 HttpServletResponse (javax.servlet.http.HttpServletResponse)16 HttpServletRequest (javax.servlet.http.HttpServletRequest)15 Session (com.iplanet.dpro.session.Session)14 URL (java.net.URL)9 Map (java.util.Map)9 AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)8 IOException (java.io.IOException)5 HashMap (java.util.HashMap)5 SMSException (com.sun.identity.sm.SMSException)4 Token (org.forgerock.openam.cts.api.tokens.Token)4 SessionIDExtensions (com.iplanet.dpro.session.SessionIDExtensions)3 TokenRestriction (com.iplanet.dpro.session.TokenRestriction)3 SessionInfo (com.iplanet.dpro.session.share.SessionInfo)3