Example 51 with SSOTokenManager
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class AuthClientUtils method getExistingValidSSOToken.
// Get Original Redirect URL for Auth to redirect the Login request
public static SSOToken getExistingValidSSOToken(SessionID sessID) {
SSOToken ssoToken = null;
try {
if (sessID != null) {
String sidString = sessID.toString();
SSOTokenManager manager = SSOTokenManager.getInstance();
SSOToken currentToken = manager.createSSOToken(sidString);
if (manager.isValidToken(currentToken)) {
ssoToken = currentToken;
}
}
} catch (Exception e) {
if (utilDebug.messageEnabled()) {
utilDebug.message("Error in getExistingValidSSOToken", e);
}
return ssoToken;
}
return ssoToken;
}
Also used :
SSOTokenManager(com.iplanet.sso.SSOTokenManager)
SSOToken(com.iplanet.sso.SSOToken)
PolicyException(com.sun.identity.policy.PolicyException)
SSOException(com.iplanet.sso.SSOException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ServerEntryNotFoundException(com.iplanet.services.naming.ServerEntryNotFoundException)
SMSException(com.sun.identity.sm.SMSException)
MalformedURLException(java.net.MalformedURLException)
IOException(java.io.IOException)
AuthException(com.sun.identity.authentication.service.AuthException)
SessionException(com.iplanet.dpro.session.SessionException)
Example 52 with SSOTokenManager
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class AuthClientUtils method getOrigRedirectURL.
// Get Original Redirect URL for Auth to redirect the Login request
public static String getOrigRedirectURL(HttpServletRequest request, SessionID sessID) {
try {
String sidString = null;
if (sessID != null) {
sidString = sessID.toString();
}
SSOTokenManager manager = SSOTokenManager.getInstance();
SSOToken ssoToken = manager.createSSOToken(sidString);
if (manager.isValidToken(ssoToken)) {
utilDebug.message("Valid SSOToken");
return REDIRECT_URL_VALIDATOR.getRedirectUrl(ssoToken.getProperty(ISAuthConstants.ORGANIZATION), REDIRECT_URL_VALIDATOR.getAndDecodeParameter(request, RedirectUrlValidator.GOTO), ssoToken.getProperty("successURL"));
}
} catch (Exception e) {
if (utilDebug.messageEnabled()) {
utilDebug.message("Error in getOrigRedirectURL:", e);
}
return null;
}
return null;
}
Also used :
SSOTokenManager(com.iplanet.sso.SSOTokenManager)
SSOToken(com.iplanet.sso.SSOToken)
PolicyException(com.sun.identity.policy.PolicyException)
SSOException(com.iplanet.sso.SSOException)
UnsupportedEncodingException(java.io.UnsupportedEncodingException)
ServerEntryNotFoundException(com.iplanet.services.naming.ServerEntryNotFoundException)
SMSException(com.sun.identity.sm.SMSException)
MalformedURLException(java.net.MalformedURLException)
IOException(java.io.IOException)
AuthException(com.sun.identity.authentication.service.AuthException)
SessionException(com.iplanet.dpro.session.SessionException)
Example 53 with SSOTokenManager
use of com.iplanet.sso.SSOTokenManager in project OpenAM by OpenRock.
the class ISAuthorizer method isAuthorized.
/**
* Returns <code>true</code> if a given log record should be published.
*
* @param logName Log name on which operation is to be performed.
* @param operation The log operation to be performed.
* @param credential The credential to be authorized.
* @return <code>true</code> if the credential is authorized.
*/
public boolean isAuthorized(String logName, String operation, Object credential) {
SSOToken ssoToken = null;
if (credential instanceof SSOToken) {
ssoToken = (SSOToken) credential;
}
if (ssoToken == null) {
Debug.error("ISAuthorizer.isAuthorized(): SSO Token is null ");
return false;
}
try {
String tmpID = ssoToken.getPrincipal().getName();
if (Debug.messageEnabled()) {
Debug.message("ISAuthorizer.isAuthorized():logName = " + logName + ", op = " + operation + ", uid = " + tmpID);
}
String thisSubConfig = "LogWrite";
if (operation.equalsIgnoreCase("READ")) {
thisSubConfig = "LogRead";
}
SSOTokenManager ssoMgr = SSOTokenManager.getInstance();
if (ssoMgr.isValidToken(ssoToken)) {
Map tmap = new HashMap();
Set actSet;
actSet = Collections.singleton(operation);
try {
String amRealm = ssoToken.getProperty(Constants.ORGANIZATION);
DelegationPermission dp = new // realm
DelegationPermission(// realm
amRealm, // service name
"iPlanetAMLoggingService", // version
"1.0", // config type
"application", // subConfig name
thisSubConfig, // actions
actSet, // extensions
tmap);
DelegationEvaluator de = new DelegationEvaluatorImpl();
if (de.isAllowed(ssoToken, dp, null)) {
return true;
} else {
Debug.error(logName + ":ISAuthorizer.isAuthorized():log rqt to " + operation + " by " + tmpID + " denied.");
}
} catch (DelegationException dex) {
String loggedByID = ssoToken.getPrincipal().getName();
Debug.error("ISAuthorizer.isAuthorized():delegation error: " + "user: " + loggedByID + ", logName = " + logName + ", op = " + operation + ", msg = " + dex.getMessage());
}
} else {
String loggedByID = ssoToken.getPrincipal().getName();
Debug.error("ISAuthorizer.isAuthorized(): access denied " + "for user : " + loggedByID);
}
} catch (SSOException ssoe) {
Debug.error("ISAuthorizer.isAuthorized(): SSOException: ", ssoe);
}
return false;
}
Also used :
SSOTokenManager(com.iplanet.sso.SSOTokenManager)
DelegationEvaluatorImpl(com.sun.identity.delegation.DelegationEvaluatorImpl)
SSOToken(com.iplanet.sso.SSOToken)
Set(java.util.Set)
HashMap(java.util.HashMap)
DelegationEvaluator(com.sun.identity.delegation.DelegationEvaluator)
DelegationException(com.sun.identity.delegation.DelegationException)
SSOException(com.iplanet.sso.SSOException)
Map(java.util.Map)
HashMap(java.util.HashMap)
DelegationPermission(com.sun.identity.delegation.DelegationPermission)
Aggregations
SSOTokenManager (com.iplanet.sso.SSOTokenManager)53
SSOToken (com.iplanet.sso.SSOToken)48
SSOException (com.iplanet.sso.SSOException)39
IdRepoException (com.sun.identity.idm.IdRepoException)11
AMIdentity (com.sun.identity.idm.AMIdentity)9
AuthLoginException (com.sun.identity.authentication.spi.AuthLoginException)8
IOException (java.io.IOException)7
Map (java.util.Map)6
Set (java.util.Set)6
ForbiddenException (org.forgerock.json.resource.ForbiddenException)6
SessionException (com.iplanet.dpro.session.SessionException)5
InternalSession (com.iplanet.dpro.session.service.InternalSession)5
AuthPrincipal (com.sun.identity.authentication.internal.AuthPrincipal)5
AuthException (com.sun.identity.authentication.service.AuthException)5
Iterator (java.util.Iterator)5
AuthContext (com.sun.identity.authentication.AuthContext)4
SMSException (com.sun.identity.sm.SMSException)4
Response (com.iplanet.services.comm.share.Response)3
UnsupportedEncodingException (java.io.UnsupportedEncodingException)3
HashMap (java.util.HashMap)3
