|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 2 (11.1.2) E27155-01 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |
public interface SsoService
This class provides APIs for applications to integrate with underlying SSO providers. It defines a contract for SSO flow that includes dynamic login, auto login and global logout.
Nested Class Summary |
---|
Nested classes/interfaces inherited from interface oracle.security.jps.service.JpsPersistable |
---|
JpsPersistable.Mode |
Field Summary | |
---|---|
static java.lang.String |
APP_CONTEXT the property name for the application context root. |
static java.lang.String |
AUTH_LEVEL the property name for the authentication level. |
static java.lang.String |
CANCEL_URL the property name for the cancel url. |
static java.lang.String |
FAILURE_URL the property name for the failure url. |
static java.lang.String |
IMP_USER_ID the property name for the user being impersonated. |
static java.lang.String |
SUCCESS_URL the property name for the success url. |
static java.lang.String |
TARGET_URL the property name for the target url. |
Method Summary | |
---|---|
void |
autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Collection<Credential> creds, java.util.Map<java.lang.String,?> props) This method sends a response to initiate the SSO auto login process. |
void |
beginImpersonation(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) This method sends a response to start the impersonation session supported by the underlying SSO provider. |
void |
endImpersonation(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) This method sends a response to end the impersonation session supported by the underlying SSO provider. |
void |
login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) This method sends a response to initiate the SSO authentication process at the specific authentication level. |
void |
logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) This method sends a response to initiate the global logout process supported by the underlying SSO provider. |
Methods inherited from interface oracle.security.jps.service.ServiceInstance |
---|
accept, getName, getServiceProvider |
Methods inherited from interface oracle.security.jps.service.JpsPersistable |
---|
persist, refresh |
Field Detail |
---|
static final java.lang.String SUCCESS_URL
static final java.lang.String CANCEL_URL
static final java.lang.String AUTH_LEVEL
static final java.lang.String TARGET_URL
static final java.lang.String APP_CONTEXT
static final java.lang.String FAILURE_URL
static final java.lang.String IMP_USER_ID
Method Detail |
---|
void login(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) throws SsoServiceException
The supplied success and cancel URL can contain query parameters. If an application needs to pass more context information, it should be encoded as part of the success and cancel URLs.
request
- the client request that requires user authentication to be performedresponse
- the response associated with the request
props
- used to convey the following information in the form of name-value that is relevant to the login process:
SsoService.SUCCESS_URL
[type String, required]: the URL that the user agent must be taken to upon successful authenticationSsoService.CANCEL_URL
[type String, optional]: the URL that the user agent must be taken to if the user chooses to cancel the login from the login formSsoService.AUTH_LEVEL
[type String, optional]: an integer in string that indicates the level of authentication required to access a resource. The default authentication level will be used if no authentication level is suppliedSsoService.APP_CONTEXT
[type String, required if application scoped]: the context root of the applicationSsoServiceException
- thrown if an error occurs that interferes with the service's normal operationvoid logout(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) throws SsoServiceException
request
- the client request that requires global logout to be performedresponse
- the response associated with the request
props
- used to convey the following information in the form of name-value that is relevant to the logout process:
SsoService.TARGET_URL
[type String, required]: the URL that the user agent must be taken to upon successful logout. It is expected that any application context will be encoded in this URLSsoService.APP_CONTEXT
[type String, required if application scoped]: the context root of the applicationSsoServiceException
- thrown if an error occurs that interferes with the service's normal operationvoid autoLogin(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Collection<Credential> creds, java.util.Map<java.lang.String,?> props) throws SsoServiceException
JpsPermission
named CredentialMapping
is required to execute this API.creds
- a collection of user credentialsrequest
- the client request that requires user auto login to be performedresponse
- the response associated with the request
props
- used to convey the following information in the form of name-value that is relevant to the auto login process:
SsoService.TARGET_URL
[type String, required]: the landing page URL that the user agent must be taken to upon successful authentication after self-registrationSsoService.APP_CONTEXT
[type String, required if application scoped]: the context root of the applicationSsoServiceException
- thrown if an error occurs that interferes with the service's normal operationvoid beginImpersonation(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) throws SsoServiceException
The supplied success and failure URL can contain query parameters. If an application needs to pass more context information, it should be encoded as part of the success and failure URLs.
The SSO provider is responsible for performing any required security check.
request
- the client request that requires the impersonation session to be startedresponse
- the response associated with the request
props
- used to convey the following information in the form of name-value that is relevant to starting the impersonation session:
SsoService.SUCCESS_URL
[type String]: the URL that the user agent must be taken to after the impersonation session startedSsoService.FAILURE_URL
[type String]: the URL that the user agent must be taken to if failed to start the impersonation sessionSsoService.IMP_USER_ID
[type String]: the user who is being impersonatedSsoService.APP_CONTEXT
[type String]: the context root of the applicationSsoServiceException
- thrown if an error occurs that interferes with the service's normal operationvoid endImpersonation(javax.servlet.http.HttpServletRequest request, javax.servlet.http.HttpServletResponse response, java.util.Map<java.lang.String,?> props) throws SsoServiceException
The SSO provider is responsible for performing any required security check.
request
- the client request that requires impersonation session to be endedresponse
- the response associated with the request
props
- used to convey the following information in the form of name-value that is relevant to ending impersonation session:
SsoService.TARGET_URL
[type String]: the URL that the user agent must be taken to upon the impersonation session ended. It is expected that any application context to be encoded in this URLSsoService.APP_CONTEXT
[type String]: the context root of the applicationSsoServiceException
- thrown if an error occurs that interferes with the service's normal operation
|
Oracle Fusion Middleware Management Java API Reference for Oracle Entitlements Server 11g Release 2 (11.1.2) E27155-01 ESAPI |
|||||||||
PREV CLASS NEXT CLASS | FRAMES NO FRAMES | |||||||||
SUMMARY: NESTED | FIELD | CONSTR | METHOD | DETAIL: FIELD | CONSTR | METHOD |