Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Access Manager Access SDK Java API Reference
11g Release 1 (11.1.1)
E22472-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

oracle.security.am.asdk
Class PseudoUserSession

java.lang.Object
  extended by oracle.security.am.asdk.BaseUserSession
      extended by oracle.security.am.asdk.PseudoUserSession

All Implemented Interfaces:
java.lang.Cloneable
public final class PseudoUserSession
extends BaseUserSession
implements java.lang.Cloneable

PseudoUserSession provides a way to authenticate and authorize without establishing and maintaining a specific corresponding user session in the OAM 11g Server. It supports similar operations that one can perform with user session and has similar constructs but does not actually establish any session at the server.

PseudoUserSession could be used when a requirement is to just validate the credentials of the user or get user authorized for a given resource without really establishing the sesion.
It also can be used to prevent accumulation of multiple sessions for a single user.

The class provides a constructor that allows either to perform a one time authentication or a one-time authentication and authorization. This constructor takes a ResourceRequest object, a Hashtable of credentials, and a flag to indicate whether a one time authentication or authentication plus authorization is required. The ResourceRequest object determines the authentication scheme that is to be applied to the credentials to authenticate the user. The ResourceRequest object also determines other aspects of authentication policy such as success or failure action

Field Summary

 

Fields inherited from class oracle.security.am.asdk.BaseUserSession
AWAITINGLOGIN, ERR_AUTHN_PLUGIN_DENIED, ERR_DENY, ERR_IDLE_TIMEOUT, ERR_INCONCLUSIVE, ERR_INSUFFICIENT_LEVEL, ERR_INVALID_CERTIFICATE, ERR_MOD_USER_FAILED, ERR_NEED_MORE_DATA, ERR_NO_USER, ERR_NOT_LOGGED_IN, ERR_PASSWORD_CHANGE_ON_RESET, ERR_PASSWORD_EXPIRED, ERR_SESSION_TIMEOUT, ERR_UNKNOWN, ERR_USER_LOCKED_OUT, ERR_USER_REVOKED, ERR_WRONG_PASSWORD, EXPIRED, LOGGED_OUT_SESSION_TOKEN, LOGGEDIN, LOGGEDOUT, LOGINFAILED, OK

 

Constructor Summary
PseudoUserSession(AccessClient aClient, ResourceRequest resReq, java.util.Hashtable credentials, boolean authorize)
          Constructs a PseudoUserSession object with specified parameters.
PseudoUserSession(AccessClient aClient, ResourceRequest resReq, java.util.Hashtable credentials, boolean authorize, java.lang.String location)
          Constructs a PseudoUserSession object with specified parameters.
PseudoUserSession(ResourceRequest resReq, java.util.Hashtable credentials, boolean authorize)
          Constructs a PseudoUserSession object with specified parameters.
PseudoUserSession(ResourceRequest resReq, java.util.Hashtable credentials, boolean authorize, java.lang.String location)
          Constructs a PseudoUserSession object with specified parameters.

 

Method Summary

 

Methods inherited from class oracle.security.am.asdk.BaseUserSession
clearActions, getAction, getActions, getActionTypes, getError, getErrorMessage, getLevel, getLocation, getNumberOfActions, getStatus, getUserIdentity, isAuthorized, isAuthorized, setLocation

 

Methods inherited from class java.lang.Object
equals, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

 

Constructor Detail

PseudoUserSession

public PseudoUserSession(ResourceRequest resReq,
                         java.util.Hashtable credentials,
                         boolean authorize,
                         java.lang.String location)
                  throws AccessException
Constructs a PseudoUserSession object with specified parameters.
Parameters:
resReq - Resource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form AuthenticationScheme
  • password : Required for Basic and Form AuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate and authorize
location - IP address of the client as specified by the application.
Throws:
AccessException - If errors occur during object creation

PseudoUserSession

public PseudoUserSession(AccessClient aClient,
                         ResourceRequest resReq,
                         java.util.Hashtable credentials,
                         boolean authorize,
                         java.lang.String location)
                  throws AccessException
Constructs a PseudoUserSession object with specified parameters.
Parameters:
aClient - AccessClient object to be used for perfoming operations.
resReq - Resource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form AuthenticationScheme
  • password : Required for Basic and Form AuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate and authorize
location - IP address of the client as specified by the application.
Throws:
AccessException - If errors occur during object creation

PseudoUserSession

public PseudoUserSession(ResourceRequest resReq,
                         java.util.Hashtable credentials,
                         boolean authorize)
                  throws AccessException
Constructs a PseudoUserSession object with specified parameters.
Parameters:
resReq - Resource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form AuthenticationScheme
  • password : Required for Basic and Form AuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate and authorize
Throws:
AccessException - If errors occur during object creation

PseudoUserSession

public PseudoUserSession(AccessClient aClient,
                         ResourceRequest resReq,
                         java.util.Hashtable credentials,
                         boolean authorize)
                  throws AccessException
Constructs a PseudoUserSession object with specified parameters.
Parameters:
aClient - AccessClient object to be used for perfoming operations.
resReq - Resource Request object representing a requested resource.
credentials - Hashtable containing the key/value pairs of String type.
  • userid : Required for Basic and Form AuthenticationScheme
  • password : Required for Basic and Form AuthenticationScheme
    In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
    For Basic AuthenticationScheme username and password are "userid" and "password"
  • certificate : Required for Certificate AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate.
  • ip (Optional) : IP address, in dotted notation, of the client accessing the resource
  • operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
  • resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
  • targethost (Optional) : The host (host:port) to which resource request is sent.
    One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
authorize - indicates whether one time authentication is required or authenticate and authorize
Throws:
AccessException - If errors occur during object creation

Skip navigation links

Overview  Package   Class  Use  Tree  Deprecated  Index  Help 
Oracle Access Manager Access SDK Java API Reference
11g Release 1 (11.1.1)
E22472-01
 PREV CLASS   NEXT CLASS FRAMES    NO FRAMES    
SUMMARY: NESTED | FIELD | CONSTR | METHOD DETAIL: FIELD | CONSTR | METHOD

Copyright © 2000,2011, Oracle® and/or its affiliates. All rights reserved.