SSOSession (FatWire Content Server JavaDocs)

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.fatwire.wem.sso
Class SSOSession

java.lang.Object
  com.fatwire.wem.sso.SSOSession

public class SSOSession
extends java.lang.Object
extends java.lang.Object

Single Sign session. This class is the single entry point for the Single Sign On functionality in WEM. It exposes numerous methods are used in different deployment scenarios to perform login request or to retrieve current assertion (object describing current user). See documentation for individual method for details.

Method Summary
`SSOAssertion`	`getAssertion()` If the current application is protected by SSO filter, this method will return the assertion object describing the current logged in user.
`java.lang.String`	`getMultiTicket()` If the current application is protected by SSO filter, use this method to get a ticket, which could be used to perform REST calls from Java code.
`java.lang.String`	`getMultiTicket(java.lang.String username, java.lang.String password)` Use this method when the current application is not protected by SSO filter and the authenticated REST call should be performed.
`SSOValidator`	`getMultiticketValidator()` Get the interface address for the multi-ticket validator.
`SSOValidator`	`getProxyTicketValidator(javax.servlet.http.HttpServletRequest request, java.lang.Object pgt)`
`java.lang.String`	`getSignoutUrl()` Returns URL, which could be used to perform Single Sign Out.
`java.lang.String`	`getSignoutUrl(java.lang.String callbackUrl)` Returns URL, which could be used to perform Single Sign Out.
`java.lang.String`	`getTicket(java.lang.String service)` If the current application is protected by SSO filter, use this method to generate a ticket, which could be used to perform REST calls from Java code.
`java.lang.String`	`getTicket(java.lang.String service, java.lang.String username, java.lang.String password)` Use this method when the current application is not protected by SSO filter and the authenticated REST call should be performed.
`SSOValidator`	`getTicketValidator()` Get the interface address for the ticket validator.
`boolean`	`isProxyTickets()` Determines whether proxying feature is turned on or off.
`boolean`	`isUseMultiTickets()` Determines whether support for multi tickets is enabled.
`SSOAssertion`	`validate(SSOValidator validator, java.lang.String ticket, java.lang.String service)` Given a validator interface address, validate the ticket for the related service.

Methods inherited from class java.lang.Object
`clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait`

Method Detail

getAssertion

public SSOAssertion getAssertion()
                          throws SSOException

If the current application is protected by SSO filter, this method will return the assertion object describing the current logged in user. If the application is not using SSO filter, then null value is returned.

Returns:: assertion object if present or null otherwise.
Throws:: SSOException - if processing error occurs.

getTicket

public java.lang.String getTicket(java.lang.String service)
                           throws SSOException

If the current application is protected by SSO filter, use this method to generate a ticket, which could be used to perform REST calls from Java code. This method performs the 'proxying' of a ticket, received by a client browser to be used in Java code. If this application was accessed using not using 'ticket', but 'multiticket' parameter (usually happens only programmatically), then SSOException is thrown. In such a case SSOSession.getMultiTicket() method should be used instead. The resulting ticket must be acquired per each REST resource URL and could only be used once. It's up to an application developer to decide to use either 'ticket' or 'multiticket' parameter, when calling REST resource URL.

Parameters:: service - REST resource URL for which to generate a ticket.
Returns:: ticket string.
Throws:: SSOException - if any error occurs during the ticket generation phase.

getMultiTicket

public java.lang.String getMultiTicket()
                                throws SSOException

If the current application is protected by SSO filter, use this method to get a ticket, which could be used to perform REST calls from Java code. Proxying mechanism doesn't allow to generate multi tickets from security considerations. If this application was accessed not using 'ticket', but 'multiticket' parameter (usually happens only programmatically), then the stored multi ticket will be returned, otherwise an exception will be thrown. The resulting multi ticket could be used to perform numerous REST calls till it expires (HTTP 403 error is returned, which results to an exception to be thrown in the API). After that multi ticket must be re-acquired. It's up to an application developer to decide to use either 'ticket' or 'multiticket' parameter, when calling REST resource URL.

Returns:: ticket string.
Throws:: SSOException - if any error occurs during the ticket generation phase.

getTicket

public java.lang.String getTicket(java.lang.String service,
                                  java.lang.String username,
                                  java.lang.String password)
                           throws SSOException

Use this method when the current application is not protected by SSO filter and the authenticated REST call should be performed. This method returns a ticket per REST resource, which could only be used once. It's up to an application developer to decide to use either 'ticket' or 'multiticket' parameter, when calling REST resource URL.

Parameters:: service - REST resource URL for which to generate a ticket.; username - user name.; password - password.
Returns:: ticket string.
Throws:: SSOException - if any error occurs during the ticket generation phase.

getMultiTicket

public java.lang.String getMultiTicket(java.lang.String username,
                                       java.lang.String password)
                                throws SSOException

Use this method when the current application is not protected by SSO filter and the authenticated REST call should be performed. This method acquires a multi ticket, which could be used to perform numerous REST calls till it expires (HTTP 403 error is returned, which results to an assertion to be thrown in the API). After that multi ticket must be re-acquired. It's up to an application developer to decide to use either 'ticket' or 'multiticket' parameter, when calling REST resource URL.

Parameters:: username - user name.; password - password.
Returns:: multi ticket string.
Throws:: SSOException - if any error occurs during the ticket generation phase.

getSignoutUrl

public java.lang.String getSignoutUrl()
                               throws SSOException

Returns URL, which could be used to perform Single Sign Out.

Returns:: single sign out URL
Throws:: SSOException

getSignoutUrl

public java.lang.String getSignoutUrl(java.lang.String callbackUrl)
                               throws SSOException

Returns URL, which could be used to perform Single Sign Out. Upon the sign out operation completion, the HTTP redirect will performed to the supplied URL.

Parameters:: callbackUrl - URL where to redirect to upon sign out completion.
Returns:: single sign out URL
Throws:: SSOException

isUseMultiTickets

public boolean isUseMultiTickets()
                          throws SSOException

Determines whether support for multi tickets is enabled.

Returns:: true if multi tickets are supported or false otherwise.
Throws:: SSOException

isProxyTickets

public boolean isProxyTickets()
                       throws SSOException

Determines whether proxying feature is turned on or off. Proxying should be set off for the last servers in the call chain to prevent making unnecessary network calls.

Returns:: 'true' if proxying is enabled or 'false' otherwise.
Throws:: SSOException

getProxyTicketValidator

public SSOValidator getProxyTicketValidator(javax.servlet.http.HttpServletRequest request,
                                            java.lang.Object pgt)
                                     throws SSOException

Returns:
Throws:: SSOException

getTicketValidator

public SSOValidator getTicketValidator()
                                throws SSOException

Get the interface address for the ticket validator. The ticket validator is used to perform validation of a service ticket.

Returns:
Throws:: SSOException

getMultiticketValidator

public SSOValidator getMultiticketValidator()
                                     throws SSOException

Get the interface address for the multi-ticket validator. The multi-ticket validator is used to perform validation of a service ticket that is used multiple times.

Returns:
Throws:: SSOException

validate

public SSOAssertion validate(SSOValidator validator,
                             java.lang.String ticket,
                             java.lang.String service)
                      throws SSOException

Given a validator interface address, validate the ticket for the related service. If the ticket is valid then a SSOAssertion object is returned. Otherwise the SSOException is thrown.

Returns:
Throws:: SSOException

Overview

Package

Class

Tree

Deprecated

Index

Help

PREV CLASS NEXT CLASS

FRAMES NO FRAMES

SUMMARY: NESTED | FIELD | CONSTR | METHOD

DETAIL: FIELD | CONSTR | METHOD

com.fatwire.wem.sso Class SSOSession

getAssertion

getTicket

getMultiTicket

getTicket

getMultiTicket

getSignoutUrl

getSignoutUrl

isUseMultiTickets

isProxyTickets

getProxyTicketValidator

getTicketValidator

getMultiticketValidator

validate

com.fatwire.wem.sso
Class SSOSession