|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SessionProvider
Interface used for creating sessions, and for accessing session information.
Field Summary | |
---|---|
static String |
AUTH_INSTANT
This constant string is used as a property name to indicate the authentication instant. |
static String |
AUTH_LEVEL
This constant string is used in the implementation and calling of the first method for passing an authentication level in a map. |
static String |
AUTH_METHOD
This constant string is used as a property name to indicate the authentication method. |
static String |
HOST
This constant string is used as a property name to indicate the client host. |
static String |
HOST_NAME
This constant string is used as a property name to indicate the client hostname. |
static String |
PRINCIPAL_NAME
This constant string is used in the implementation and calling of the first method for passing a principal name in a map. |
static String |
REALM
This constant string is used in the implementation and calling of the first method for passing a realm name in a map. |
Method Summary | |
---|---|
void |
addListener(Object session,
SessionListener listener)
Registers a listener for the session. |
Object |
createSession(Map info,
HttpServletRequest request,
HttpServletResponse response,
StringBuffer targetApplication)
Meaningful only for Service Provider side, the implementation of this method will create a local session for the local user identified by the information in the map. |
String |
getPrincipalName(Object session)
Returns princiapl name, or user name given the session object. |
String[] |
getProperty(Object session,
String name)
Returns property value of a session object. |
Object |
getSession(HttpServletRequest request)
Returns the corresponding session object. |
Object |
getSession(String sessionID)
Returns the corresponding session object. |
String |
getSessionID(Object session)
Returns session ID. |
long |
getTimeLeft(Object session)
Returns the time left for this session in seconds. |
void |
invalidateSession(Object session,
HttpServletRequest request,
HttpServletResponse response)
May be used by both SP and IDP side to invalidate a session. |
boolean |
isValid(Object session)
Returns true if the session is valid. |
String |
rewriteURL(Object session,
String URL)
Returns rewritten URL. |
void |
setLoadBalancerCookie(HttpServletResponse response)
Sets a load balancer cookie in the suppled HTTP response. |
void |
setProperty(Object session,
String name,
String[] values)
Stores a property in the session object. |
Field Detail |
---|
static final String REALM
static final String PRINCIPAL_NAME
static final String AUTH_LEVEL
static final String AUTH_METHOD
getProperty
method.
static final String AUTH_INSTANT
getProperty
method.
static final String HOST
static final String HOST_NAME
Method Detail |
---|
Object createSession(Map info, HttpServletRequest request, HttpServletResponse response, StringBuffer targetApplication) throws SessionException
info
- a Map with keys and values being of type String; The
keys will include SessionProvider.PRINCIPAL_NAME
(returned from SPAccountMapper
),
SessionProvider.REALM
,
SessionProvider.AUTH_LEVEL
,
SessionProvider.AUTH_INSTANT
, and may include
"resourceOffering"
and/or "idpEntityID"
;
The implementation of this method could choose to set some of
the information contained in the map into the newly created
Session by calling setProperty()
, later the target
application may consume the information.request
- the HttpServletRequesa
t the user made to
initiate the Single Sign On; Note that it should be the initial
request coming from the browser as opposed to the possible
subsequent back-channel HTTP request for delivering
SOAP message.response
- the HttpServletResponse
that will be sent
to the user (for example it could be used to set a cookie).targetApplication
- the original resource that was requested
as the target of the Single Sign On by the end user; If needed,
this String could be modified, e.g., by appending query
string(s) or by URL rewriting, hence this is an in/out parameter.
SessionException
- if an error occurred during session creation.Object getSession(String sessionID) throws SessionException
sessionID
- the unique session handle.
SessionException
- if an error occurred during session
retrieval.Object getSession(HttpServletRequest request) throws SessionException
request
- the browser initiated HTTP request.
SessionException
- if an error occurred during session
retrieval.void invalidateSession(Object session, HttpServletRequest request, HttpServletResponse response) throws SessionException
session
- the session to be invalidatedrequest
- the browser initiated HTTP request.response
- the HTTP response going back to browser.
SessionException
- if an error occurred during session
retrieval.boolean isValid(Object session) throws SessionException
true
if the session is valid.
This is useful for toolkit clean-up thread.
session
- Session object.
true
if the session is valid.
SessionException
String getSessionID(Object session)
String getPrincipalName(Object session) throws SessionException
session
- Session object.
SessionException
- if getting the principal name
causes an error.void setProperty(Object session, String name, String[] values) throws SessionException
session
- the session object.name
- the property name.values
- the property values.
UnsupportedOperationException
- if this method
is not supported.
SessionException
- if setting the property in
the session causes an error.String[] getProperty(Object session, String name) throws SessionException
session
- the session object.name
- the property name.
UnsupportedOperationException
- if this method
is not supported.
SessionException
- if getting the property from
the session causes an error.String rewriteURL(Object session, String URL) throws SessionException
session
- the session object.URL
- the URL to be rewritten.
SessionException
- if rewritting the URL
causes an error.void addListener(Object session, SessionListener listener) throws SessionException
session
- the session object.listener
- listener for the session invalidation event.
UnsupportedOperationException
- if this method
is not supported.
SessionException
- if adding the listener in the
session causes an error.void setLoadBalancerCookie(HttpServletResponse response)
response
- the HttpServletResponse
that will be sent
to the user.long getTimeLeft(Object session) throws SessionException
session
- Session object.
A
- SessionException is thrown if the session reached its maximum
session time, or the session was destroyed, or there was an error during
communication with session service.
SessionException
|
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | ||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |