Example 21 with InternalSession

use of com.iplanet.dpro.session.service.InternalSession in project OpenAM by OpenRock.

the class HOTP method init.

public void init(Subject subject, Map sharedState, Map options) {
    currentConfig = options;
    String authLevel = CollectionHelper.getMapAttr(options, AUTHLEVEL);
    if (authLevel != null) {
        try {
            setAuthLevel(Integer.parseInt(authLevel));
        } catch (Exception e) {
            debug.error("HOTP.init() : " + "Unable to set auth level " + authLevel, e);
        }
    }
    gatewaySMSImplClass = CollectionHelper.getMapAttr(options, GATEWAYSMSImplCLASS);
    codeValidityDuration = CollectionHelper.getMapAttr(options, CODEVALIDITYDURATION);
    codeLength = CollectionHelper.getMapAttr(options, CODELENGTH);
    codeDelivery = CollectionHelper.getMapAttr(options, CODEDELIVERY);
    telephoneAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEPHONE);
    carrierAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTECARRIER);
    emailAttribute = CollectionHelper.getMapAttr(options, ATTRIBUTEEMAIL);
    try {
        userSearchAttributes = getUserAliasList();
    } catch (final AuthLoginException ale) {
        debug.warning("HOTP.init: unable to retrieve search attributes", ale);
    }
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "telephone attribute=" + telephoneAttribute + " carrier attribute=" + carrierAttribute + " email attribute=" + emailAttribute + " user search attributes=" + userSearchAttributes);
    }
    java.util.Locale locale = getLoginLocale();
    bundle = amCache.getResBundle(amAuthHOTP, locale);
    if (debug.messageEnabled()) {
        debug.message("HOTP.init() : " + "HOTP resouce bundle locale=" + locale);
    }
    userName = (String) sharedState.get(getUserKey());
    if (userName == null || userName.isEmpty()) {
        try {
            //Session upgrade case. Need to find the user ID from the old session.
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            InternalSession isess = getLoginState("HOTP").getOldSession();
            if (isess == null) {
                throw new AuthLoginException("amAuth", "noInternalSession", null);
            }
            SSOToken token = mgr.createSSOToken(isess.getID().toString());
            userUUID = token.getPrincipal().getName();
            userName = token.getProperty("UserToken");
            if (debug.messageEnabled()) {
                debug.message("HOTP.init() : UserName in SSOToken : " + userName);
            }
        } catch (SSOException ssoe) {
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ssoe);
        } catch (AuthLoginException ale) {
            debug.error("HOTP.init() : Unable to retrieve userName from existing session", ale);
        }
    }
    this.sharedState = sharedState;
    if (sharedState.containsKey(SKIP_HOTP)) {
        skip = (Boolean) sharedState.get(SKIP_HOTP);
    }
    hotpAutoClicking = CollectionHelper.getMapAttr(options, AUTO_CLICKING).equals("true");
    HOTPParams hotpParams = new HOTPParams(gatewaySMSImplClass, Long.parseLong(codeValidityDuration), telephoneAttribute, carrierAttribute, emailAttribute, codeDelivery, currentConfig, Integer.parseInt(codeLength), bundle.getString("messageSubject"), bundle.getString("messageContent"), FROM_ADDRESS, userSearchAttributes);
    hotpService = new HOTPService(getAMIdentityRepository(getRequestOrg()), userName, hotpParams);
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) AuthErrorCodeException(com.sun.identity.authentication.spi.AuthErrorCodeException) InvalidPasswordException(com.sun.identity.authentication.spi.InvalidPasswordException)

Example 22 with InternalSession

use of com.iplanet.dpro.session.service.InternalSession in project OpenAM by OpenRock.

the class AuthenticatorOATH method checkForSessionAndGetUsernameAndUUID.

private void checkForSessionAndGetUsernameAndUUID() throws SSOException, AuthLoginException {
    if (StringUtils.isEmpty(userName)) {
        // Session upgrade case. Need to find the user ID from the old session.
        SSOTokenManager mgr = SSOTokenManager.getInstance();
        InternalSession isess = getLoginState("OATH").getOldSession();
        if (isess == null) {
            throw new AuthLoginException("amAuth", "noInternalSession", null);
        }
        SSOToken token = mgr.createSSOToken(isess.getID().toString());
        userId = token.getPrincipal().getName();
        userName = token.getProperty("UserToken");
        if (debug.messageEnabled()) {
            debug.message("OATH.process() : Username from SSOToken : " + userName);
        }
        if (StringUtils.isEmpty(userName)) {
            throw new AuthLoginException("amAuth", "noUserName", null);
        }
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException)

Example 23 with InternalSession

use of com.iplanet.dpro.session.service.InternalSession in project OpenAM by OpenRock.

the class Adaptive method process.

@Override
public int process(Callback[] callbacks, int state) throws AuthLoginException {
    int currentScore = 0;
    debug.message("{}: process called with state = {}", ADAPTIVE, state);
    if (state != ISAuthConstants.LOGIN_START) {
        throw new AuthLoginException("Authentication failed: Internal Error - NOT LOGIN_START");
    }
    if (userName == null || userName.length() == 0) {
        // Session upgrade case. Need to find the user ID from the old session.
        try {
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            InternalSession isess = getLoginState(ADAPTIVE).getOldSession();
            if (isess == null) {
                throw new AuthLoginException(ADAPTIVE, "noInternalSession", null);
            }
            SSOToken token = mgr.createSSOToken(isess.getID().toString());
            userUUID = token.getPrincipal().getName();
            userName = token.getProperty("UserToken");
            if (debug.messageEnabled()) {
                debug.message("{}.process() : UserName '{}' in SSOToken", ADAPTIVE, userName);
            }
            if (userName == null || userName.length() == 0) {
                throw new AuthLoginException("amAuth", "noUserName", null);
            }
        } catch (SSOException e) {
            debug.message("{}: amAuthIdentity NULL ", ADAPTIVE);
            throw new AuthLoginException(ADAPTIVE, "noIdentity", null);
        }
    }
    if (debug.messageEnabled()) {
        debug.message("{}: Login Attempt Username = {}", ADAPTIVE, userName);
    }
    amAuthIdentity = getIdentity();
    clientIP = ClientUtils.getClientIPAddress(getHttpServletRequest());
    if (amAuthIdentity == null) {
        throw new AuthLoginException(ADAPTIVE, "noIdentity", null);
    }
    try {
        if (IPRangeCheck) {
            int retVal = checkIPRange();
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPRange: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (IPHistoryCheck) {
            int retVal = checkIPHistory();
            if (debug.messageEnabled()) {
                debug.message("{}.checkIPHistory: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (knownCookieCheck) {
            int retVal = checkKnownCookie();
            if (debug.messageEnabled()) {
                debug.message("{}.checkKnownCookie: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (timeOfDayCheck) {
            int retVal = checkTimeDay();
            if (debug.messageEnabled()) {
                debug.message("{}.checkTimeDay: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (timeSinceLastLoginCheck) {
            int retVal = checkLastLogin();
            if (debug.messageEnabled()) {
                debug.message("{}.checkLastLogin: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (riskAttributeCheck) {
            int retVal = checkRiskAttribute();
            if (debug.messageEnabled()) {
                debug.message("{}.checkRiskAttribute: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (authFailureCheck) {
            int retVal = checkAuthFailure();
            if (debug.messageEnabled()) {
                debug.message("{}.checkAuthFailure: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (deviceCookieCheck) {
            int retVal = checkRegisteredClient();
            if (debug.messageEnabled()) {
                debug.message("{}.checkRegisteredClient: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (geoLocationCheck) {
            int retVal = checkGeoLocation();
            if (debug.messageEnabled()) {
                debug.message("{}.checkGeoLocation: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
        if (reqHeaderCheck) {
            int retVal = checkRequestHeader();
            if (debug.messageEnabled()) {
                debug.message("{}.checkRequestHeader: returns {}", ADAPTIVE, retVal);
            }
            currentScore += retVal;
        }
    } catch (Exception ex) {
        currentScore = Integer.MAX_VALUE;
        debug.error("{}.process() : Unknown exception occurred while executing checks, module will fail.", ADAPTIVE, ex);
    }
    setPostAuthNParams();
    if (currentScore < adaptiveThreshold) {
        if (debug.messageEnabled()) {
            debug.message("{}: Returning Success. Username='{}'", ADAPTIVE, userName);
        }
        return ISAuthConstants.LOGIN_SUCCEED;
    } else {
        if (debug.messageEnabled()) {
            debug.message("{}: Returning Fail. Username='{}'", ADAPTIVE, userName);
        }
        throw new AuthLoginException(ADAPTIVE + " - Risk determined.");
    }
}
Also used : SSOTokenManager(com.iplanet.sso.SSOTokenManager) SSOToken(com.iplanet.sso.SSOToken) InternalSession(com.iplanet.dpro.session.service.InternalSession) AuthLoginException(com.sun.identity.authentication.spi.AuthLoginException) SSOException(com.iplanet.sso.SSOException) ParseException(java.text.ParseException) UnsupportedEncodingException(java.io.UnsupportedEncodingException) IdRepoException(com.sun.identity.idm.IdRepoException) GeoIp2Exception(com.maxmind.geoip2.exception.GeoIp2Exception) IOException(java.io.IOException) AuthenticationException(com.sun.identity.authentication.spi.AuthenticationException)
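Examples 21, 22 and 23 each re-implement the same "session upgrade" lookup: when sharedState carries no user name, the module reads the identity from the old session's SSOToken (principal name and the "UserToken" property). The three copies differ in one security-relevant detail: AuthenticatorOATH and Adaptive throw noUserName when the lookup yields nothing, whereas HOTP.init only logs the SSOException or AuthLoginException and carries on, so HOTPService is constructed with a null userName. The helper below is an added example, not OpenAM's own code, that factors the lookup into one fail-closed method; it assumes the OpenAM classes shown on this page (SSOTokenManager, SSOToken, InternalSession, AuthLoginException, the LoginState returned by AMLoginModule.getLoginState, and com.sun.identity.shared.debug.Debug) are on the classpath, and that SSOTokenManager.isValidToken(SSOToken) is available as an explicit re-check even though createSSOToken may already reject a dead session.

```java
// Added example, not part of OpenAM: a single fail-closed replacement for the
// session-upgrade lookup duplicated in HOTP.init, AuthenticatorOATH and Adaptive.process.
import java.security.Principal;

import com.iplanet.dpro.session.service.InternalSession;
import com.iplanet.sso.SSOException;
import com.iplanet.sso.SSOToken;
import com.iplanet.sso.SSOTokenManager;
import com.sun.identity.authentication.service.LoginState;
import com.sun.identity.authentication.spi.AuthLoginException;
import com.sun.identity.shared.debug.Debug;

public final class SessionUpgradeUser {

    /** Identity carried over from the session being upgraded. */
    public static final class UpgradedUser {
        public final String uuid;      // principal name (what the modules store in userUUID / userId)
        public final String userName;  // "UserToken" property (what the modules store in userName)

        UpgradedUser(String uuid, String userName) {
            this.uuid = uuid;
            this.userName = userName;
        }
    }

    private static final Debug DEBUG = Debug.getInstance("amAuth");

    private SessionUpgradeUser() { }

    /**
     * Resolve the user from the old session or throw. Never returns a null or empty user,
     * so a second-factor module cannot silently proceed without knowing whom it is verifying.
     *
     * @param loginState the module's login state, i.e. getLoginState(moduleName) inside an AMLoginModule
     * @param moduleName used only in log messages
     */
    public static UpgradedUser resolve(LoginState loginState, String moduleName) throws AuthLoginException {
        InternalSession oldSession = loginState.getOldSession();
        if (oldSession == null) {
            // Not a session upgrade, or the old session is already gone: refuse rather than guess.
            throw new AuthLoginException("amAuth", "noInternalSession", null);
        }
        try {
            SSOTokenManager mgr = SSOTokenManager.getInstance();
            SSOToken token = mgr.createSSOToken(oldSession.getID().toString());
            // Explicit re-check (assumed API): a destroyed or timed-out session must not lend
            // its identity to the factor being performed now.
            if (!mgr.isValidToken(token)) {
                throw new AuthLoginException("amAuth", "noInternalSession", null);
            }
            Principal principal = token.getPrincipal();
            String userName = token.getProperty("UserToken");
            if (principal == null || userName == null || userName.isEmpty()) {
                throw new AuthLoginException("amAuth", "noUserName", null);
            }
            if (DEBUG.messageEnabled()) {
                DEBUG.message(moduleName + ": session upgrade for user " + userName);
            }
            return new UpgradedUser(principal.getName(), userName);
        } catch (SSOException e) {
            // Turn the failure into a login failure instead of logging and continuing
            // with a null user, which is what HOTP.init does above.
            DEBUG.error(moduleName + ": unable to read the user from the old session", e);
            throw new AuthLoginException("amAuth", "noInternalSession", null);
        }
    }
}
```

Inside a module, the three inline blocks collapse to `UpgradedUser u = SessionUpgradeUser.resolve(getLoginState(MODULE), MODULE); userUUID = u.uuid; userName = u.userName;` guarded by the same `userName == null || userName.isEmpty()` test the modules already use. Because resolve throws instead of returning partial results, the exception-swallowing path in HOTP.init cannot recur, and the only way to reach the code that sends or checks a one-time code is with a user taken from a session that was valid at the moment of the lookup.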

Example 24 with InternalSession

use of com.iplanet.dpro.session.service.InternalSession in project OpenAM by OpenRock.

the class SessionAdapter method fromToken.

/**
     * Convert from a Token to an Internal Session.
     *
     * Simply deserialise the InternalSession from the JSON blob.
     *
     * @param token Token to be converted back to its original format.
     * @return Non null InternalSession.
     */
public InternalSession fromToken(Token token) {
    String jsonBlob = blobUtils.getBlobAsString(token);
    int index = findIndexOfValidField(jsonBlob);
    // Do we need to insert the LatestAccessTime Into the Blob?
    String latestAccessTime = token.getValue(SessionTokenField.LATEST_ACCESS_TIME.getField());
    if (latestAccessTime != null && index != -1) {
        // Assemble the Sting to insert
        // latestAccessTime
        String fieldName = SessionTokenField.LATEST_ACCESS_TIME.getInternalSessionFieldName();
        // "latestAccessTime":
        String jsonField = JSONSerialisation.jsonAttributeName(fieldName);
        // "latestAccessTime":12345,
        String addition = jsonField + latestAccessTime + ",";
        // Insert the string into the JSON Blob
        jsonBlob = jsonBlob.substring(0, index) + addition + jsonBlob.substring(index, jsonBlob.length());
    }
    InternalSession session = serialisation.deserialise(jsonBlob, InternalSession.class);
    if (session.getSessionHandle() == null) {
        //Originally the sessionHandle was stored in the serialize token, so if after the deserialization the
        //sessionHandle field is not set, then we should attempt to retrieve the value directly from the token.
        session.setSessionHandle(token.<String>getValue(SessionTokenField.SESSION_HANDLE.getField()));
    }
    return session;
}
Also used : InternalSession(com.iplanet.dpro.session.service.InternalSession)
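SessionAdapter.fromToken rebuilds the "latestAccessTime" field by splicing `"latestAccessTime":` + value + `,` into the JSON blob with substring concatenation, with no check that the value is actually a number and no handling of a blob that has no other fields (where the trailing comma would make the result unparseable). The value comes from the CTS token store, which only OpenAM itself writes in normal operation, so this is defence in depth rather than a remote exposure. The class below is an added example, not OpenAM's code: it performs the same splice but rejects anything that is not an integer and omits the comma when the field would be the last one. It assumes `findIndexOfValidField` (not shown on this page) returns the offset immediately after the opening brace, and the session blob and the injected value are constructed sample data.

```java
// Added example, not part of OpenAM: the latestAccessTime splice from
// SessionAdapter.fromToken with input validation and the empty-object edge case handled.
import java.util.regex.Pattern;

public final class LatestAccessTimeSplice {

    // Mirrors JSONSerialisation.jsonAttributeName("latestAccessTime").
    private static final String FIELD = "\"latestAccessTime\":";

    // The CTS value is an integer timestamp; any other shape must never reach the blob,
    // because whatever it contains becomes part of the JSON that is deserialised.
    private static final Pattern INTEGER = Pattern.compile("-?[0-9]{1,19}");

    /**
     * Insert the field at {@code index}. Returns the blob unchanged when there is
     * nothing to insert, exactly like the original null/-1 check.
     */
    public static String insert(String jsonBlob, int index, String latestAccessTime) {
        if (latestAccessTime == null || index < 0) {
            return jsonBlob;
        }
        if (!INTEGER.matcher(latestAccessTime).matches()) {
            throw new IllegalArgumentException("latestAccessTime is not an integer: " + latestAccessTime);
        }
        String tail = jsonBlob.substring(index);
        // No comma if the inserted field would be the only one in the object.
        String separator = tail.trim().startsWith("}") ? "" : ",";
        return jsonBlob.substring(0, index) + FIELD + latestAccessTime + separator + tail;
    }

    public static void main(String[] args) {
        // Constructed sample blob; a real InternalSession has many more fields.
        String blob = "{\"sessionID\":\"example-session-id\",\"maxIdleTime\":30}";
        int index = 1; // assumed: offset just after '{'

        // Normal case: a timestamp in milliseconds (constructed value).
        System.out.println(insert(blob, index, "1700000000000"));

        // Empty object: the original splice would leave a trailing comma here.
        System.out.println(insert("{}", index, "1700000000000"));

        // A value carrying JSON syntax would, unvalidated, add a second field
        // ("sessionHandle") to the deserialised session. Here it is rejected.
        try {
            insert(blob, index, "0,\"sessionHandle\":\"injected\"");
        } catch (IllegalArgumentException e) {
            System.out.println("rejected: " + e.getMessage());
        }
    }
}
```

The regex is deliberately narrower than what a JSON number grammar allows (no fractions or exponents) because the stored field is an epoch timestamp; widening it would only enlarge the set of strings that get concatenated into structure you later trust enough to deserialise into an InternalSession.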

Example 25 with InternalSession

use of com.iplanet.dpro.session.service.InternalSession in project OpenAM by OpenRock.

the class StatelessSessionActivatorTest method shouldActivateStatelessSessions.

@Test
public void shouldActivateStatelessSessions() throws Exception {
    // Given
    InternalSession mockSession = mock(InternalSession.class);
    String userDn = "fred";
    given(mockLoginState.getUserDN()).willReturn(userDn);
    // When
    testActivator.activateSession(mockSession, mockLoginState);
    // Then
    verify(mockSession).activate(userDn, true);
}
Also used : InternalSession(com.iplanet.dpro.session.service.InternalSession) Test(org.testng.annotations.Test)

Aggregations

InternalSession (com.iplanet.dpro.session.service.InternalSession) 42
SessionID (com.iplanet.dpro.session.SessionID) 17
Test (org.testng.annotations.Test) 16
SSOException (com.iplanet.sso.SSOException) 10
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException) 10
SSOToken (com.iplanet.sso.SSOToken) 9
Token (org.forgerock.openam.cts.api.tokens.Token) 8
SessionException (com.iplanet.dpro.session.SessionException) 6
SSOTokenManager (com.iplanet.sso.SSOTokenManager) 5
IOException (java.io.IOException) 5
ModelControlException (com.iplanet.jato.model.ModelControlException) 4
Map (java.util.Map) 4
Session (com.iplanet.dpro.session.Session) 3
AuthContextLocal (com.sun.identity.authentication.server.AuthContextLocal) 3
AuthD (com.sun.identity.authentication.service.AuthD) 3
SessionInfo (com.iplanet.dpro.session.share.SessionInfo) 2
AuthException (com.sun.identity.authentication.service.AuthException) 2
InvalidPasswordException (com.sun.identity.authentication.spi.InvalidPasswordException) 2
ISLocaleContext (com.sun.identity.common.ISLocaleContext) 2
SMSException (com.sun.identity.sm.SMSException) 2