Skip navigation links

Oracle Access Manager Access SDK Java API Reference
11g Release 1 (11.1.1)

E22472-01


com.oblix.access
Class ObPseudoUserSession

java.lang.Object
  extended by com.oblix.access.ObPseudoUserSession

All Implemented Interfaces:
ObPseudoUserSessionInterface, java.lang.Cloneable

Deprecated. Implements the ObPseudoUserSession Interface.

public class ObPseudoUserSession
extends java.lang.Object
implements ObPseudoUserSessionInterface, java.lang.Cloneable

ObPseudoUserSession provides a way to authenticate and authorize without establishing and maintaining a specific corresponding user session in the OAM 11g Server. It supports similar operations that one can perform with user session and has similar constructs but does not actually establish any session at the server.

ObPseudoUserSession could be used when a requirement is to just validate the credentials of the user or get user authorized for a given resource without really establishing the sesion.
It also can be used to prevent accumulation of multiple sessions for a single user.

This constructor takes a ObResourceRequest object, a Hashtable of credentials, and a flag to indicate whether a one time authentication or authentication plus authorization is required. The ObResourceRequest object determines the authentication scheme that is to be applied to the credentials to authenticate the user. The ObResourceRequest object also determines other aspects of authentication policy such as success or failure action.


Constructor Summary
ObPseudoUserSession(ObResourceRequest resReq, java.util.Hashtable credentials, boolean authorize)
          Deprecated. Constructs a ObPseudoUserSession object with specified parameters.
ObPseudoUserSession(ObResourceRequest resReq, java.util.Hashtable credentials, boolean authorize, java.lang.String location)
          Deprecated. Constructs a ObPseudoUserSession object with specified parameters.

 

Method Summary
 void clearActions()
          Deprecated. Clears all information pertaining to actions that was retrieved as part of previous authentication or authorization operation.
 java.lang.String getAction(java.lang.String actionType, java.lang.String name)
          Deprecated. Returns action corresponding to the action name and type specified.
 java.util.Hashtable getActions(java.lang.String actionType)
          Deprecated. Returns hashtable containing actions in the form of name/value pairs of String type for specified actionType.
 java.lang.String[] getActionTypes()
          Deprecated. Returns string array of all the action types returned by the OAM server as part of authentication or authorization.
 int getError()
          Deprecated. Returns the error number from the most recent authentication or authorization Error
 java.lang.String getErrorMessage()
          Deprecated. Returns the detailed error message for the authentication or authorization failure
 int getLevel()
          Deprecated. Returns the level of authentication scheme used to authenticate the user
 java.lang.String getLocation()
          Deprecated. Returns the IP address of the user's client
 int getNumberOfActions(java.lang.String actionType)
          Deprecated. Returns number of actions of the specified type that are associated with the specified user session.
 int getStatus()
          Deprecated. Provides integer value representing the current status of the session.
 java.lang.String getUserIdentity()
          Deprecated. Returns the DN of the user's profile entry in the user directory.
 boolean isAuthorized(ObResourceRequest res)
          Deprecated. Checks if the user is authorized to request an operation for a particular resource
 boolean isAuthorized(ObResourceRequest res, java.util.Hashtable parameters)
          Deprecated. Checks if the user is authorized to request an operation for a particular resource

 

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

ObPseudoUserSession

public ObPseudoUserSession(ObResourceRequest resReq,
                           java.util.Hashtable credentials,
                           boolean authorize)
                    throws ObAccessException
Deprecated. 
Constructs a ObPseudoUserSession object with specified parameters.
Parameters:
resReq - ObResource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form ObAuthenticationScheme
  • password : Required for Basic and Form ObAuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate ObAuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate & authorize
Throws:
ObAccessException - If errors occur during authentication or authorization or some other error during object creation

ObPseudoUserSession

public ObPseudoUserSession(ObResourceRequest resReq,
                           java.util.Hashtable credentials,
                           boolean authorize,
                           java.lang.String location)
                    throws ObAccessException
Deprecated. 
Constructs a ObPseudoUserSession object with specified parameters.
Parameters:
resReq - ObResource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form ObAuthenticationScheme
  • password : Required for Basic and Form ObAuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate ObAuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate and authorize
location - IP address of the client as specified by the application.
Throws:
ObAccessException - If errors occur during authentication or authorization or some other error during object creation

Method Detail

getAction

public java.lang.String getAction(java.lang.String actionType,
                                  java.lang.String name)
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns action corresponding to the action name and type specified. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources. The redirecturl action type indicates the url where the user should be redirected to for successful or failed authentication or authorization. To retrieve the redirection url set action type to "redirecturl" and name to "HTTP_REDIRECT".

Specified by:
getAction in interface ObPseudoUserSessionInterface
Parameters:
actionType - type of action to be retrieved. If this is left NULL, the default is headervar.
name - name of the action to be retrieved.
Returns:
Action corresponding to the action name and type specified.

getNumberOfActions

public int getNumberOfActions(java.lang.String actionType)
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns number of actions of the specified type that are associated with the specified user session. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources.

Specified by:
getNumberOfActions in interface ObPseudoUserSessionInterface
Parameters:
actionType - type of action to be retrieved. If this is left NULL, the default is headervar.
Returns:
Number of actions of the specified type that are associated with the specified user session

getActions

public java.util.Hashtable getActions(java.lang.String actionType)
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns hashtable containing actions in the form of name/value pairs of String type for specified actionType. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources. The redirecturl action type indicates the url where the user should be redirected to for successful or failed authentication or authorization. To retrieve the redirection url set action type to "redirecturl".

Specified by:
getActions in interface ObPseudoUserSessionInterface
Parameters:
actionType - type of action to be retrieved. If this is left NULL, the default is "headervar".
Returns:
Hashtable containing actions in the form of name/value pairs of String type.

getActionTypes

public java.lang.String[] getActionTypes()
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns string array of all the action types returned by the OAM server as part of authentication or authorization. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources.

Specified by:
getActionTypes in interface ObPseudoUserSessionInterface
Returns:
String array of all the action types returned by the OAM server as part of authentication or authorization.

clearActions

public void clearActions()
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Clears all information pertaining to actions that was retrieved as part of previous authentication or authorization operation. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.
Specified by:
clearActions in interface ObPseudoUserSessionInterface

getStatus

public int getStatus()
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Provides integer value representing the current status of the session. The return value of this function can be checked against below constants exposed by this class.
Specified by:
getStatus in interface ObPseudoUserSessionInterface
Returns:
Status information of this user session
Throws:
ObAccessRuntimeException - in case if it fails to create user session

getError

public int getError()
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns the error number from the most recent authentication or authorization Error
Specified by:
getError in interface ObPseudoUserSessionInterface
Returns:
Error number for error condition.

getErrorMessage

public java.lang.String getErrorMessage()
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns the detailed error message for the authentication or authorization failure
Specified by:
getErrorMessage in interface ObPseudoUserSessionInterface
Returns:
Error message describing error condition.

isAuthorized

public boolean isAuthorized(ObResourceRequest res)
                     throws ObAccessException
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Checks if the user is authorized to request an operation for a particular resource
Specified by:
isAuthorized in interface ObPseudoUserSessionInterface
Parameters:
res - object representing a requested resource whose authorization is to be checked.
Returns:
Boolean true if authorization succeeds, else false
Throws:
ObAccessException - In case a failure occurs during this operation

isAuthorized

public boolean isAuthorized(ObResourceRequest res,
                            java.util.Hashtable parameters)
                     throws ObAccessException
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Checks if the user is authorized to request an operation for a particular resource
Specified by:
isAuthorized in interface ObPseudoUserSessionInterface
Parameters:
res - object representing a requested resource whose authorization is to be checked.
parameters - Hashtable of name-value pairs of String type required by These parameters are required if the authorization policy requires additional information to perform authorization. The parameters that are required for authorization can be obtained by using getAuthorizationParameters method of ObResourceRequest
Returns:
Boolean true if authorization succeeds, else false
Throws:
ObAccessException - In case a failure occurs during this operation

getUserIdentity

public java.lang.String getUserIdentity()
                                 throws ObAccessException
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns the DN of the user's profile entry in the user directory.
Specified by:
getUserIdentity in interface ObPseudoUserSessionInterface
Returns:
DN of the user's profile entry
Throws:
ObAccessException - In case a failure occurs during this operation

getLevel

public int getLevel()
             throws ObAccessException
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns the level of authentication scheme used to authenticate the user
Specified by:
getLevel in interface ObPseudoUserSessionInterface
Returns:
Authentication scheme level.
Throws:
ObAccessException - In case a failure occurs during this operation

getLocation

public java.lang.String getLocation()
                             throws ObAccessException
Deprecated. 
Description copied from interface: ObPseudoUserSessionInterface
Returns the IP address of the user's client
Specified by:
getLocation in interface ObPseudoUserSessionInterface
Returns:
IP address of the client.
Throws:
ObAccessException - In case a failure occurs during this operation

Skip navigation links

Oracle Access Manager Access SDK Java API Reference
11g Release 1 (11.1.1)

E22472-01


Copyright © 2000,2011, Oracle® and/or its affiliates. All rights reserved.