Package oracle.security.am.asdk
Class PseudoUserSession
java.lang.Object
oracle.security.am.asdk.BaseUserSession
oracle.security.am.asdk.PseudoUserSession
- All Implemented Interfaces:
Cloneable
PseudoUserSession provides a way to authenticate and authorize without
establishing and maintaining a specific corresponding user session in the
OAM 11g Server. It supports similar operations that one can perform with
user session and has similar constructs but does not actually establish
any session at the server.
PseudoUserSession could be used when a requirement is to just validate
the credentials of the user or get user authorized for a given resource
without really establishing the sesion.
It also can be used to prevent accumulation of multiple sessions for a
single user.
The class provides a constructor that allows either to perform a one time authentication or a one-time authentication and authorization. This constructor takes a ResourceRequest object, a Hashtable of credentials, and a flag to indicate whether a one time authentication or authentication plus authorization is required. The ResourceRequest object determines the authentication scheme that is to be applied to the credentials to authenticate the user. The ResourceRequest object also determines other aspects of authentication policy such as success or failure action
-
Field Summary
Fields inherited from class oracle.security.am.asdk.BaseUserSession
AWAITINGLOGIN, ERR_AUTHN_PLUGIN_DENIED, ERR_AUTHN_TOKEN_EXPIRED, ERR_DENY, ERR_IDLE_TIMEOUT, ERR_INCONCLUSIVE, ERR_INSUFFICIENT_LEVEL, ERR_INVALID_CERTIFICATE, ERR_MOD_USER_FAILED, ERR_NEED_MORE_DATA, ERR_NO_USER, ERR_NOT_LOGGED_IN, ERR_PASSWORD_CHANGE_ON_RESET, ERR_PASSWORD_EXPIRED, ERR_SESSION_TIMEOUT, ERR_UNKNOWN, ERR_USER_LOCKED_OUT, ERR_USER_REVOKED, ERR_WRONG_PASSWORD, EXPIRED, LOGGED_OUT_SESSION_TOKEN, LOGGEDIN, LOGGEDOUT, LOGINFAILED, OK -
Constructor Summary
ConstructorsConstructorDescriptionPseudoUserSession<wbr>(AccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize)Constructs a PseudoUserSession object with specified parameters.PseudoUserSession<wbr>(AccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize, String location)Constructs a PseudoUserSession object with specified parameters.PseudoUserSession<wbr>(oracle.security.am.asdk.LocalAccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize)Constructs a PseudoUserSession object with specified parameters.PseudoUserSession<wbr>(ResourceRequest resReq, Hashtable credentials, boolean authorize)Constructs a PseudoUserSession object with specified parameters.PseudoUserSession<wbr>(ResourceRequest resReq, Hashtable credentials, boolean authorize, String location)Constructs a PseudoUserSession object with specified parameters. -
Method Summary
Methods inherited from class oracle.security.am.asdk.BaseUserSession
clearActions, getAction, getActions, getActionTypes, getCustomError, getError, getErrorMessage, getLevel, getLocation, getNumberOfActions, getStatus, getUserIdentity, isAuthorized, isAuthorized, setLocation
-
Constructor Details
-
PseudoUserSession
public PseudoUserSession<wbr>(ResourceRequest resReq, Hashtable credentials, boolean authorize, String location) throws AccessExceptionConstructs a PseudoUserSession object with specified parameters.- Parameters:
resReq- Resource Request object representing a requested resource.credentials- Hashtable containing the key/value pairs of String type.- userid : Required for Basic and Form
AuthenticationScheme - password : Required for Basic and Form
AuthenticationScheme
In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
For Basic AuthenticationScheme username and password are "userid" and "password" - certificate : Required for Certificate
AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate. - ip (Optional) : IP address, in dotted notation, of the client accessing the resource
- operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
- resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
- targethost (Optional) : The host (host:port) to which
resource request is sent.
One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
- userid : Required for Basic and Form
authorize- indicates whether one time authentication is required or authenticate and authorizelocation- IP address of the client as specified by the application.- Throws:
AccessException- If errors occur during object creation
-
PseudoUserSession
public PseudoUserSession<wbr>(AccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize, String location) throws AccessExceptionConstructs a PseudoUserSession object with specified parameters.- Parameters:
aClient- AccessClient object to be used for perfoming operations.resReq- Resource Request object representing a requested resource.credentials- Hashtable containing the key/value pairs of String type.- userid : Required for Basic and Form
AuthenticationScheme - password : Required for Basic and Form
AuthenticationScheme
In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
For Basic AuthenticationScheme username and password are "userid" and "password" - certificate : Required for Certificate
AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate. - ip (Optional) : IP address, in dotted notation, of the client accessing the resource
- operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
- resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
- targethost (Optional) : The host (host:port) to which
resource request is sent.
One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
- userid : Required for Basic and Form
authorize- indicates whether one time authentication is required or authenticate and authorizelocation- IP address of the client as specified by the application.- Throws:
AccessException- If errors occur during object creation
-
PseudoUserSession
public PseudoUserSession<wbr>(ResourceRequest resReq, Hashtable credentials, boolean authorize) throws AccessExceptionConstructs a PseudoUserSession object with specified parameters.- Parameters:
resReq- Resource Request object representing a requested resource.credentials- Hashtable containing the key/value pairs of String type.- userid : Required for Basic and Form
AuthenticationScheme - password : Required for Basic and Form
AuthenticationScheme
In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
For Basic AuthenticationScheme username and password are "userid" and "password" - certificate : Required for Certificate
AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate. - ip (Optional) : IP address, in dotted notation, of the client accessing the resource
- operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
- resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
- targethost (Optional) : The host (host:port) to which
resource request is sent.
One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
- userid : Required for Basic and Form
authorize- indicates whether one time authentication is required or authenticate and authorize- Throws:
AccessException- If errors occur during object creation
-
PseudoUserSession
public PseudoUserSession<wbr>(AccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize) throws AccessExceptionConstructs a PseudoUserSession object with specified parameters.- Parameters:
aClient- AccessClient object to be used for perfoming operations.resReq- Resource Request object representing a requested resource.credentials- Hashtable containing the key/value pairs of String type.- userid : Required for Basic and Form
AuthenticationScheme - password : Required for Basic and Form
AuthenticationScheme
In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
For Basic AuthenticationScheme username and password are "userid" and "password" - certificate : Required for Certificate
AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate. - ip (Optional) : IP address, in dotted notation, of the client accessing the resource
- operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
- resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
- targethost (Optional) : The host (host:port) to which
resource request is sent.
One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
- userid : Required for Basic and Form
authorize- indicates whether one time authentication is required or authenticate and authorize- Throws:
AccessException- If errors occur during object creation
-
PseudoUserSession
public PseudoUserSession<wbr>(oracle.security.am.asdk.LocalAccessClient aClient, ResourceRequest resReq, Hashtable credentials, boolean authorize) throws AccessExceptionConstructs a PseudoUserSession object with specified parameters.- Parameters:
aClient- AccessClient object to be used for perfoming operations.resReq- Resource Request object representing a requested resource.credentials- Hashtable containing the key/value pairs of String type.- userid : Required for Basic and Form
AuthenticationScheme - password : Required for Basic and Form
AuthenticationScheme
In case of Form AuthenticationScheme username and password are challenge parameters of AuthenticationScheme.
For Basic AuthenticationScheme username and password are "userid" and "password" - certificate : Required for Certificate
AuthenticationScheme. The value for this certificate key should be Base64 Encoded string which represent a valid X.509 certificate. - ip (Optional) : IP address, in dotted notation, of the client accessing the resource
- operation (Optional) : Operation attempted on the resource. For HTTP resources, one of GET,POST,PUT,HEAD,DELETE, TRACE,OPTIONS,CONNECT,OTHER.
- resource (Optional) : The requested resource identifier. For HTTP resources, the full URL.
- targethost (Optional) : The host (host:port) to which
resource request is sent.
One or more of the optional parameters above may be required by certain authentication schemes, modules, or plugins as configured in the OAM server. Refer to your OAM server configuration and documentation to determine which parameters to supply.
- userid : Required for Basic and Form
authorize- indicates whether one time authentication is required or authenticate and authorize- Throws:
AccessException- If errors occur during object creation
-