Class SessionData
- java.lang.Object
-
- com.caplin.signon.SessionData
-
- All Implemented Interfaces:
java.io.Serializable
public class SessionData extends java.lang.Object implements java.io.Serializable
The SessionData object records the state of the sign-on process. It is passed to the KeyMaster servlet once the user has successfully signed on to the required level; for example, when they have passed the second stage of a two factor (2FA) authentication procedure.
The object is saved in the servlet session under the key SESSION_DATA_KEY ("caplin.signon").
The Authentication Filter, sitting above the KeyMaster Servlet, uses this data to prevent access to the KeyMaster servlet until the user is signed on to the required level (the required level is specified in the filter parameter allowed.auth.levels - see configuring the authentication filter on the Overview page.
- See Also:
- Serialized Form
-
-
Field Summary
Fields Modifier and Type Field Description static java.lang.String
LEVEL_1FA
String constant for single factor authentication (1FA) levelstatic java.lang.String
LEVEL_2FA
String constant for two factor authentication (2FA) levelstatic java.lang.String
LEVEL_SSO
String constant for SSO levelstatic java.lang.String
SCHEME_SMS
String constant specifying 2FA SMS authentication i.e.static java.lang.String
SCHEME_TOKEN
String constant specifying 2FA TOKEN authentication i.e.static java.lang.String
SCHEME_USER
String constant user authentication i.e.static java.lang.String
SESSION_DATA_KEY
The key used to save this object in the servlet session datastatic java.lang.String
SIGNON_USERNAME
-
Constructor Summary
Constructors Constructor Description SessionData()
Constructor called by Signon servlet to create a signon session data object that will be stored in servlet session under the key SESSION_DATA_KEY ("caplin.signon").
-
Method Summary
All Methods Instance Methods Concrete Methods Modifier and Type Method Description void
clear()
Clears all fields in this objectjava.lang.Object
getField(java.lang.String name)
Gets the value of an additional field that was set by a call tosetField(String, Object)
.java.lang.String
getKeyMasterExtraDataToSign()
Gets the value of the extra data that is to be added to the KeyMaster credentials token and digitally signed.java.util.Map<java.lang.String,java.lang.String>
getKeyMasterMappingData()
Gets the map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet.java.lang.String
getLevel()
Gets the current authentication level.java.lang.String
getScheme()
Gets the current authentication scheme.java.lang.String
getSentScheme()
Gets the value of the authentication scheme that was recorded by the last call tosetSentScheme(String)
.java.lang.String
getSentSchemeToken()
Gets the value of the 2FA token recorded in the last call tosetSentSchemeToken(String)
.java.lang.String
getUserName()
Gets the username of the user associated with the current servlet session.void
setField(java.lang.String name, java.lang.Object value)
Sets the name and value of an additional field that needs to be saved between authentication requests or needs to be to be passed to a custom Authentication filter or custom KeyMaster servlet.void
setKeyMasterExtraDataToSign(java.lang.String value)
Sets a value that can be used by the KeyMaster servlet to add extra data to the KeyMaster credentials token.void
setKeyMasterMappingData(java.util.Map<java.lang.String,java.lang.String> value)
Sets a map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet.void
setLevel(java.lang.String value)
Sets the current authentication level.void
setScheme(java.lang.String value)
Sets the current authentication scheme.void
setSentScheme(java.lang.String value)
Sets the value of the authentication scheme that was specified in a /sendtoken request received by the SignOn servlet.void
setSentSchemeToken(java.lang.String value)
Sets the value of the 2FA token sent to the user for the authentication scheme that was recorded by the last call tosetSentScheme(String)
.void
setUserName(java.lang.String value)
Sets the username associated with the current servlet session.java.lang.String
toString()
-
-
-
Field Detail
-
SESSION_DATA_KEY
public static final java.lang.String SESSION_DATA_KEY
The key used to save this object in the servlet session data- See Also:
- Constant Field Values
-
LEVEL_1FA
public static final java.lang.String LEVEL_1FA
String constant for single factor authentication (1FA) level- See Also:
- Constant Field Values
-
LEVEL_2FA
public static final java.lang.String LEVEL_2FA
String constant for two factor authentication (2FA) level- See Also:
- Constant Field Values
-
LEVEL_SSO
public static final java.lang.String LEVEL_SSO
String constant for SSO level- See Also:
- Constant Field Values
-
SCHEME_USER
public static final java.lang.String SCHEME_USER
String constant user authentication i.e. checking user and password- See Also:
- Constant Field Values
-
SCHEME_SMS
public static final java.lang.String SCHEME_SMS
String constant specifying 2FA SMS authentication i.e. checking SMS token- See Also:
- Constant Field Values
-
SCHEME_TOKEN
public static final java.lang.String SCHEME_TOKEN
String constant specifying 2FA TOKEN authentication i.e. checking a hardware generated token- See Also:
- Constant Field Values
-
SIGNON_USERNAME
public static final java.lang.String SIGNON_USERNAME
- See Also:
- Constant Field Values
-
-
Method Detail
-
clear
public void clear()
Clears all fields in this object
-
getLevel
public java.lang.String getLevel()
Gets the current authentication level.
Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.
- Returns:
- the current signon level
-
setLevel
public void setLevel(java.lang.String value)
Sets the current authentication level.
Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.
- Parameters:
value
- the new signon level
-
getUserName
public java.lang.String getUserName()
Gets the username of the user associated with the current servlet session.- Returns:
- the username
-
setUserName
public void setUserName(java.lang.String value)
Sets the username associated with the current servlet session.- Parameters:
value
- the username
-
setField
public void setField(java.lang.String name, java.lang.Object value)
Sets the name and value of an additional field that needs to be saved between authentication requests or needs to be to be passed to a custom Authentication filter or custom KeyMaster servlet.
- Parameters:
name
- a name for the fieldvalue
- the value of the field
-
getField
public java.lang.Object getField(java.lang.String name)
Gets the value of an additional field that was set by a call to
setField(String, Object)
.- Parameters:
name
- the name of the field to retrieve- Returns:
- the value of the field, or null if the field is not found.
-
setScheme
public void setScheme(java.lang.String value)
Sets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>
- Parameters:
value
- the new scheme value
-
getScheme
public java.lang.String getScheme()
Gets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>
- Returns:
- the current scheme value
-
setSentScheme
public void setSentScheme(java.lang.String value)
Sets the value of the authentication scheme that was specified in a /sendtoken request received by the SignOn servlet. This value can be used to check the next received /authenticate request.
- Parameters:
value
- the value of the scheme requested in a sendtoken request
-
getSentScheme
public java.lang.String getSentScheme()
Gets the value of the authentication scheme that was recorded by the last call to
setSentScheme(String)
.- Returns:
- the sent scheme value
-
setSentSchemeToken
public void setSentSchemeToken(java.lang.String value)
Sets the value of the 2FA token sent to the user for the authentication scheme that was recorded by the last call to
setSentScheme(String)
. (The token was sent in response to a /sendtoken request - see Request handling on the Overview page.)- Parameters:
value
- the token sent to the user
-
getSentSchemeToken
public java.lang.String getSentSchemeToken()
Gets the value of the 2FA token recorded in the last call to
setSentSchemeToken(String)
. This is used to check the value submitted on the next /authenticate request.- Returns:
- the value of the 2FA token
-
setKeyMasterExtraDataToSign
public void setKeyMasterExtraDataToSign(java.lang.String value)
Sets a value that can be used by the KeyMaster servlet to add extra data to the KeyMaster credentials token.
- Parameters:
value
- the extra data to set
-
getKeyMasterExtraDataToSign
public java.lang.String getKeyMasterExtraDataToSign()
Gets the value of the extra data that is to be added to the KeyMaster credentials token and digitally signed.
- Returns:
- the value of the keymaster extra data to sign field or null if there isn't any.
-
setKeyMasterMappingData
public void setKeyMasterMappingData(java.util.Map<java.lang.String,java.lang.String> value)
Sets a map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page
- Parameters:
value
- the map of data to add to the KeyMaster token.
-
getKeyMasterMappingData
public java.util.Map<java.lang.String,java.lang.String> getKeyMasterMappingData()
Gets the map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page
- Returns:
- the value of the KeyMaster mapping data
-
toString
public java.lang.String toString()
- Overrides:
toString
in classjava.lang.Object
-
-