Skip navigation links

oracle.security.jps.service.sso
Interface SsoService

All Superinterfaces:

JpsPersistable, ServiceInstance

public interface SsoService

extends ServiceInstance

This class provides APIs for applications to integrate with underlying SSO providers. It defines a contract for SSO flow that includes dynamic login, auto login and global logout.

Since:

11gR1+

Nested Class Summary

Nested classes/interfaces inherited from interface oracle.security.jps.service.JpsPersistable

JpsPersistable.Mode

Field Summary

static java.lang.String	APP_CONTEXT the property name for the application context root.
static java.lang.String	AUTH_LEVEL the property name for the authentication level.
static java.lang.String	CANCEL_URL the property name for the cancel url.
static java.lang.String	SUCCESS_URL the property name for the success url.
static java.lang.String	TARGET_URL the property name for the target url.

Method Summary

void	autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Collection creds, java.util.Map props) This method sends a response to initiate the SSO auto login process.
void	login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map props) This method sends a response to initiate the SSO authentication process at the specific authentication level.
void	logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map props) This method sends a response to initiate the global logout process supported by the underlying SSO provider.

Methods inherited from interface oracle.security.jps.service.ServiceInstance

accept, getName, getServiceProvider

Methods inherited from interface oracle.security.jps.service.JpsPersistable

persist, refresh

Field Detail

SUCCESS_URL

static final java.lang.String SUCCESS_URL

the property name for the success url.

See Also:

Constant Field Values

CANCEL_URL

static final java.lang.String CANCEL_URL

the property name for the cancel url.

See Also:

Constant Field Values

AUTH_LEVEL

static final java.lang.String AUTH_LEVEL

the property name for the authentication level.

See Also:

Constant Field Values

TARGET_URL

static final java.lang.String TARGET_URL

the property name for the target url.

See Also:

Constant Field Values

APP_CONTEXT

static final java.lang.String APP_CONTEXT

the property name for the application context root.

See Also:

Constant Field Values

Method Detail

login

void login(javax.servlet.http.HttpServletRequest request,
           javax.servlet.http.HttpServletResponse response,
           java.util.Map props)
           throws SsoServiceException

This method sends a response to initiate the SSO authentication process at the specific authentication level.

The supplied success and cancel URL can contain query parameters. If an application needs to pass more context information, it should be encoded as part of the success and cancel URLs.

Parameters:

request - the client request that requires user authentication to be performed

response - the response associated with the request

props - used to convey the following information in the form of name-value that is relevant to the login process:

• SsoService.SUCCESS_URL [type String, required]: represents the URL that the user agent must be sent to after successful authentication
• SsoService.CANCEL_URL [type String, optional]: represents the URL that the user agent must be taken to if the user chooses to cancel the login from the login form
• SsoService.AUTH_LEVEL [type String, optional]: an integer in string that indicates the level of authentication required to access a resource. The default authentication level will be used if no authentication level is supplied
• SsoService.APP_CONTEXT [type String, required if application scoped]: the context root of the application

Throws:

SsoServiceException - thrown if an error occurs that interferes with the service's normal operation

logout

void logout(javax.servlet.http.HttpServletRequest request,
            javax.servlet.http.HttpServletResponse response,
            java.util.Map props)
            throws SsoServiceException

This method sends a response to initiate the global logout process supported by the underlying SSO provider.

Parameters:

request - the client request that requires global logout to be performed

response - the response associated with the request

props - used to convey the following information in the form of name-value that is relevant to the logout process:

• SsoService.TARGET_URL [type String, required]: represents the URL that the user agent must be redirected to upon successful logout. It is expected that any application context will be encoded in this URL
• SsoService.APP_CONTEXT [type String, required if application scoped]: the context root of the application

Throws:

SsoServiceException - thrown if an error occurs that interferes with the service's normal operation

autoLogin

void autoLogin(javax.servlet.http.HttpServletRequest request,
               javax.servlet.http.HttpServletResponse response,
               java.util.Collection creds,
               java.util.Map props)
               throws SsoServiceException

This method sends a response to initiate the SSO auto login process. JpsPermission named CredentialMapping is required to execute this API.

Parameters:

creds - a collection of user credentials

request - the client request that requires user auto login to be performed

response - the response associated with the request

props - used to convey the following information in the form of name-value that is relevant to the auto login process:

• SsoService.TARGET_URL [type String, required]: the landing page URL that the user agent must be redirected to upon successful authentication after self-registration
• SsoService.APP_CONTEXT [type String, required if application scoped]: the context root of the application

Throws:

SsoServiceException - thrown if an error occurs that interferes with the service's normal operation

Skip navigation links