Package oracle.security.am.asdk

Class BaseUserSession

java.lang.Object
oracle.security.am.asdk.BaseUserSession
Direct Known Subclasses:
PseudoUserSession, UserSession
public abstract class BaseUserSession extends Object

BaseUserSession class implements APIs common to UserSession and PseudoUserSession. BaseUserSession is internal to the implementation of this Access SDK and should not be used or extended by the end application.

  • Field Details

  • Method Details

    • getLevel

      public int getLevel() throws AccessException
      Returns authentication scheme level at which user is authenticated.
      Returns:
      Authentication scheme level
      Throws:
      AccessException - If error occurs during operation

    • getUserIdentity

      public String getUserIdentity() throws AccessException
      Returns the DN of the user's profile entry in the user directory.
      Returns:
      DN of the user's profile entry
      Throws:
      AccessException - If error occurs during operation

    • getLocation

      public String getLocation() throws AccessException
      Returns the IP address of the client as specified by the application while creating the session.
      Returns:
      IP address of the client
      Throws:
      AccessException - If error occurs during operation

    • getAction

      public String getAction<wbr>(String actionType, String name)
      Returns action corresponding to the action name and type specified. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

      Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources. The redirecturl action type indicates the url where the user should be redirected to for successful or failed authentication or authorization. To retrieve the redirection url set action type to "redirecturl" and name to "HTTP_REDIRECT".

      Parameters:
      actionType - type of action to be retrieved. If this is left NULL, the default is headervar.
      name - name of the action to be retrieved.
      Returns:
      Action corresponding to the action name and type specified.

    • getActions

      public Hashtable getActions<wbr>(String actionType)
      Returns hashtable containing actions in the form of name/value pairs of String type for specified actionType. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

      Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources. The redirecturl action type indicates the url where the user should be redirected to for successful or failed authentication or authorization. To retrieve the redirection url set action type to "redirecturl".

      Parameters:
      actionType - type of action to be retrieved. If this is left NULL, the default is "headervar".
      Returns:
      Hashtable containing actions in the form of name/value pairs of String type.

    • getNumberOfActions

      public int getNumberOfActions<wbr>(String actionType)
      Returns number of actions of the specified type that are returned by OAM server as part of authentication or authorization. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

      Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources.

      Parameters:
      actionType - type of action to be retrieved. If this is left NULL, the default is headervar.
      Returns:
      Number of actions of the specified type that are associated with the specified user session.

    • getActionTypes

      public String[] getActionTypes()
      Returns string array of all the action types returned by the OAM server as part of authentication or authorization. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

      Each resource type defines the following set of action types: cookie, headervar and redirecturl for http resources.

      Returns:
      String array of all the action types returned by the OAM server as part of authentication or authorization.

    • clearActions

      public void clearActions()
      Clears all information pertaining to actions that was retrieved as part of previous authentication or authorization operation. The actions are the responses that OAM server returns after authentication and authorization. The actions that are returned during authentication or authorization depends on policies configured in the OAM server.

    • getStatus

      public int getStatus() throws AccessException
      Provides integer value representing the current status of the session. The return value of this function can be checked against below constants exposed by this class.
      • 0 for AWAITINGLOGIN
      • 1 for LOGGEDIN
      • 2 for LOGGEDOUT
      • 3 for LOGINFAILED
      • 4 for EXPIRED
      Returns:
      Status information of this user session
      Throws:
      AccessException - If error occurs during operation

    • getError

      public int getError()
      Returns error number determined by the most recent authentication or authorization. Error
      Returns:
      Error number for error condition

    • getCustomError

      public String getCustomError()
      Returns plugin error code sent by the custom plugin Error
      Returns:
      plugin error code

    • getErrorMessage

      public String getErrorMessage()
      Returns detailed error message pertaining to authentication or authorization failure. The text of this message is derived by the AccessClient and is not intended to be changed by the user.
      Returns:
      Error message describing error condition

    • isAuthorized

      public boolean isAuthorized<wbr>(ResourceRequest res, Hashtable parameters) throws AccessException
      To check whether the user is authorized to access the resource
      Parameters:
      res - object representing a requested resource whose authorization is to be checked.
      parameters - Hashtable of name-value pairs of String type required by These parameters are required if the authorization policy requires additional information to perform authorization. The parameters that are required for authorization can be obtained by using getAuthorizationParameters method of ResourceRequest
      Returns:
      Boolean true if the user is authorized to request an operation for a particular resource else returns false
      Throws:
      AccessException - In case a failure occurs during the operation

    • isAuthorized

      public boolean isAuthorized<wbr>(ResourceRequest res) throws AccessException
      To check whether the user is authorized to access the resource
      Parameters:
      res - object representing a requested resource whose authorization is to be checked.
      Returns:
      Boolean true if the user is authorized to request an operation for a particular resource else returns false
      Throws:
      AccessException - In case a failure occurs during the operation

    • setLocation

      public void setLocation<wbr>(String sLocation) throws AccessException
      Sets the IP address of the client as provided by the application.
      Parameters:
      sLocation - IP address of the client
      Throws:
      AccessException - In case if it fails to validate Ip address