Package com.caplin.signon

Class SessionData

  • All Implemented Interfaces:
    java.io.Serializable
    public class SessionData
extends java.lang.Object
implements java.io.Serializable

    The SessionData object records the state of the sign-on process. It is passed to the KeyMaster servlet once the user has successfully signed on to the required level; for example, when they have passed the second stage of a two factor (2FA) authentication procedure.

    The object is saved in the servlet session under the key SESSION_DATA_KEY ("caplin.signon").

    The Authentication Filter, sitting above the KeyMaster Servlet, uses this data to prevent access to the KeyMaster servlet until the user is signed on to the required level (the required level is specified in the filter parameter allowed.auth.levels - see configuring the authentication filter on the Overview page.

    See Also:
    Serialized Form

    • Field Summary

      Fields 
      Modifier and Type Field Description
      static java.lang.String LEVEL_1FA
      String constant for single factor authentication (1FA) level
      static java.lang.String LEVEL_2FA
      String constant for two factor authentication (2FA) level
      static java.lang.String LEVEL_SSO
      String constant for SSO level
      static java.lang.String SCHEME_SMS
      String constant specifying 2FA SMS authentication i.e.
      static java.lang.String SCHEME_TOKEN
      String constant specifying 2FA TOKEN authentication i.e.
      static java.lang.String SCHEME_USER
      String constant user authentication i.e.
      static java.lang.String SESSION_DATA_KEY
      The key used to save this object in the servlet session data
      static java.lang.String SIGNON_USERNAME  

    • Constructor Summary

      Constructors 
      Constructor Description
      SessionData()
      Constructor called by Signon servlet to create a signon session data object that will be stored in servlet session under the key SESSION_DATA_KEY ("caplin.signon").

    • Method Summary

      All Methods Instance Methods Concrete Methods 
      Modifier and Type Method Description
      void clear()
      Clears all fields in this object
      java.lang.Object getField​(java.lang.String name)
      Gets the value of an additional field that was set by a call to setField(String, Object).
      java.lang.String getKeyMasterExtraDataToSign()
      Gets the value of the extra data that is to be added to the KeyMaster credentials token and digitally signed.
      java.util.Map<java.lang.String,​java.lang.String> getKeyMasterMappingData()
      Gets the map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet.
      java.lang.String getLevel()
      Gets the current authentication level.
      java.lang.String getScheme()
      Gets the current authentication scheme.
      java.lang.String getSentScheme()
      Gets the value of the authentication scheme that was recorded by the last call to setSentScheme(String).
      java.lang.String getSentSchemeToken()
      Gets the value of the 2FA token recorded in the last call to setSentSchemeToken(String).
      java.lang.String getUserName()
      Gets the username of the user associated with the current servlet session.
      void setField​(java.lang.String name, java.lang.Object value)
      Sets the name and value of an additional field that needs to be saved between authentication requests or needs to be to be passed to a custom Authentication filter or custom KeyMaster servlet.
      void setKeyMasterExtraDataToSign​(java.lang.String value)
      Sets a value that can be used by the KeyMaster servlet to add extra data to the KeyMaster credentials token.
      void setKeyMasterMappingData​(java.util.Map<java.lang.String,​java.lang.String> value)
      Sets a map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet.
      void setLevel​(java.lang.String value)
      Sets the current authentication level.
      void setScheme​(java.lang.String value)
      Sets the current authentication scheme.
      void setSentScheme​(java.lang.String value)
      Sets the value of the authentication scheme that was specified in a /sendtoken request received by the SignOn servlet.
      void setSentSchemeToken​(java.lang.String value)
      Sets the value of the 2FA token sent to the user for the authentication scheme that was recorded by the last call to setSentScheme(String).
      void setUserName​(java.lang.String value)
      Sets the username associated with the current servlet session.
      java.lang.String toString()  

      • Methods inherited from class java.lang.Object

        clone, equals, finalize, getClass, hashCode, notify, notifyAll, wait, wait, wait

    • Field Detail

      • SESSION_DATA_KEY

        public static final java.lang.String SESSION_DATA_KEY
        The key used to save this object in the servlet session data
        See Also:
        Constant Field Values

      • LEVEL_1FA

        public static final java.lang.String LEVEL_1FA
        String constant for single factor authentication (1FA) level
        See Also:
        Constant Field Values

      • LEVEL_2FA

        public static final java.lang.String LEVEL_2FA
        String constant for two factor authentication (2FA) level
        See Also:
        Constant Field Values

      • LEVEL_SSO

        public static final java.lang.String LEVEL_SSO
        String constant for SSO level
        See Also:
        Constant Field Values

      • SCHEME_USER

        public static final java.lang.String SCHEME_USER
        String constant user authentication i.e. checking user and password
        See Also:
        Constant Field Values

      • SCHEME_SMS

        public static final java.lang.String SCHEME_SMS
        String constant specifying 2FA SMS authentication i.e. checking SMS token
        See Also:
        Constant Field Values

      • SCHEME_TOKEN

        public static final java.lang.String SCHEME_TOKEN
        String constant specifying 2FA TOKEN authentication i.e. checking a hardware generated token
        See Also:
        Constant Field Values

    • Constructor Detail

      • SessionData

        public SessionData()
        Constructor called by Signon servlet to create a signon session data object that will be stored in servlet session under the key SESSION_DATA_KEY ("caplin.signon").

    • Method Detail

      • clear

        public void clear()
        Clears all fields in this object

      • getLevel

        public java.lang.String getLevel()

        Gets the current authentication level.

        Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.

        Returns:
        the current signon level

      • setLevel

        public void setLevel​(java.lang.String value)

        Sets the current authentication level.

        Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.

        Parameters:
        value - the new signon level

      • getUserName

        public java.lang.String getUserName()
        Gets the username of the user associated with the current servlet session.
        Returns:
        the username

      • setUserName

        public void setUserName​(java.lang.String value)
        Sets the username associated with the current servlet session.
        Parameters:
        value - the username

      • setField

        public void setField​(java.lang.String name,
                     java.lang.Object value)

        Sets the name and value of an additional field that needs to be saved between authentication requests or needs to be to be passed to a custom Authentication filter or custom KeyMaster servlet.

        Parameters:
        name - a name for the field
        value - the value of the field

      • getField

        public java.lang.Object getField​(java.lang.String name)

        Gets the value of an additional field that was set by a call to setField(String, Object).

        Parameters:
        name - the name of the field to retrieve
        Returns:
        the value of the field, or null if the field is not found.

      • setScheme

        public void setScheme​(java.lang.String value)

        Sets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>

        Parameters:
        value - the new scheme value

      • getScheme

        public java.lang.String getScheme()

        Gets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>

        Returns:
        the current scheme value

      • setSentScheme

        public void setSentScheme​(java.lang.String value)

        Sets the value of the authentication scheme that was specified in a /sendtoken request received by the SignOn servlet. This value can be used to check the next received /authenticate request.

        Parameters:
        value - the value of the scheme requested in a sendtoken request

      • getSentScheme

        public java.lang.String getSentScheme()

        Gets the value of the authentication scheme that was recorded by the last call to setSentScheme(String).

        Returns:
        the sent scheme value

      • setSentSchemeToken

        public void setSentSchemeToken​(java.lang.String value)

        Sets the value of the 2FA token sent to the user for the authentication scheme that was recorded by the last call to setSentScheme(String). (The token was sent in response to a /sendtoken request - see Request handling on the Overview page.)

        Parameters:
        value - the token sent to the user

      • getSentSchemeToken

        public java.lang.String getSentSchemeToken()

        Gets the value of the 2FA token recorded in the last call to setSentSchemeToken(String). This is used to check the value submitted on the next /authenticate request.

        Returns:
        the value of the 2FA token

      • setKeyMasterExtraDataToSign

        public void setKeyMasterExtraDataToSign​(java.lang.String value)

        Sets a value that can be used by the KeyMaster servlet to add extra data to the KeyMaster credentials token.

        Parameters:
        value - the extra data to set

      • getKeyMasterExtraDataToSign

        public java.lang.String getKeyMasterExtraDataToSign()

        Gets the value of the extra data that is to be added to the KeyMaster credentials token and digitally signed.

        Returns:
        the value of the keymaster extra data to sign field or null if there isn't any.

      • setKeyMasterMappingData

        public void setKeyMasterMappingData​(java.util.Map<java.lang.String,​java.lang.String> value)

        Sets a map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page

        Parameters:
        value - the map of data to add to the KeyMaster token.

      • getKeyMasterMappingData

        public java.util.Map<java.lang.String,​java.lang.String> getKeyMasterMappingData()

        Gets the map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page

        Returns:
        the value of the KeyMaster mapping data

      • toString

        public java.lang.String toString()
        Overrides:
        toString in class java.lang.Object