Sun OpenSSO Enterprise 8.0 Developer's Guide


The SSOToken interface represents the session identifier returned from the createSSOToken() method, and is used to retrieve session data such as the authenticated principal name, authentication method, and other session information (for example, session idle time and maximum session time). The SSOToken interface has methods to get predefined session information such as:

Caution – Caution –

The methods getTimeLeft() and getIdleTime() return values in seconds while the methods getMaxSessionTime() and getMaxIdleTime() return values in minutes.

The following code sample illustrates how to use SSOToken to print session properties.

Example 3–2 Using SSOToken to Print Session Properties

		/* get http request output stream for output */

PrintWriter out = response.getWriter();

		/* get the sso token from http request */

SSOTokenManager ssoManager = SSOTokenManager.getInstance();
SSOToken ssoToken = ssoManager.createSSOToken(request);

		/* get the sso token ID from the sso token */

SSOTokenID ssoTokenID = ssoToken.getTokenID();
out.println("The SSO Token ID is "+ssoTokenID.toString());

		/* use validate method to check if the token is valid */

try {
out.println("The SSO Token validated.");

} catch (SSOException e) {
out.println("The SSO Token failed to validate.");

		/* use isValid method to check if the token is valid */

if (!ssoManager.isValidToken(token)) {
out.println("The SSO Token is not valid.");
} else {

		/* get some values from the SSO Token */ principal = ssoToken.getPrincipal();
out.println("Principal name is "+principal.getName());

String authType = ssoToken.getAuthType();
out.println("Authentication type is "+authType);

int authLevel = ssoToken.getAuthLevel();
out.println("Authentication level is "+authLevel);

long idleTime = ssoToken.getIdleTime();
out.println("Idle time is "+idleTime);

long maxIdleTime = ssoToken.getMaxIdleTime();
out.println("Max idle time is "+maxIdleTime);

long maxTime = token.getMaxSessionTime();
out.println("Max session time is "+maxTime);

String host = ssoToken.getHostName();
out.println("Host name is "+host);

		/* host name is a predefined information of the session,
		/* and can also be obtained the following way */

String hostProperty = ssoToken.getProperty("HOST");
out.println("Host property is "+hostProperty);

		/* set application specific information in session */

String appPropertyName = "app1propA";
String appPropertyValue = "appValue";
ssoToken.setProperty(appPropertyName, appPropertyValue);

		/* now get the app specific information back */

String appValue = ssoToken.getProperty(appPropertyName);
if (appValue.equals(appPropertyValue)) {
out.println("Property "+appPropertyName+", 
 value "+appPropertyValue+" verified to be set.");
} else {
out.println("ALERT: Setting property "+appPropertyName+" failed!");