com.waveset.session
Class SessionFactory

java.lang.Object
  extended bycom.waveset.session.SessionFactory

public class SessionFactory
extends java.lang.Object

A factory class for Session objects.

This was added for several reasons: 1) to hide the Session class being constructed, 2) to provide some convenience methods for authentication, and 3) to provide a pool of pre-authenticated sessions for faster startup in a clustered web server environment.


Nested Class Summary
static class SessionFactory.FactoryReport
           
 
Field Summary
static java.lang.String code_id
           
static java.lang.String LOCAL_HOST
          The name by which we refer to a session opened on a local repository.
protected static Trace trace
           
 
Constructor Summary
SessionFactory()
           
 
Method Summary
static boolean appLoginConfigContainsNonUserAuthnProperties(java.lang.String appName)
           
static boolean appLoginConfigContainsNonUserAuthnProperties(java.lang.String appName, ObjectRef lmgRef)
           
static boolean appLoginConfigEntryContainsNonUserAuthnProperties(int lceIndex, java.lang.String appName, ObjectRef lmgRef)
           
static boolean appLoginConfigEntryContainsNonUserAuthnProperties(java.lang.String appName, int lceIndex)
           
static void checkForTerminatedSession(Subject subject)
           
static void clearUserPool()
           
static void confirmConfiguratorSession(Session s)
          Create an administrative session as Configurator on the specified host.
static LoginModGroup.LoginConfigEntryRef[] convertLceRefs(LoginConfig.App.LoginConfigEntryRef[] lcerefs)
           
static LoginConfig.App getApp(java.lang.String appName)
          Deprecated. As of 5.0 use getLoginApp(String appName).
static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnDisplayProperties(java.lang.String appName)
           
static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnDisplayProperties(java.lang.String appName, ObjectRef lmgRef)
           
static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnProperties(java.lang.String appName, ObjectRef lmgRef)
           
static java.util.List getAppLoginConfigEntryNonUserAuthnProperties(int lceIndex, java.lang.String appName, ObjectRef lmgRef)
           
static java.util.List getAppLoginConfigEntryNonUserAuthnProperties(java.lang.String appName, int lceIndex)
           
static LoginModGroup.LoginConfigEntryRef getAppLoginConfigEntryRef(int lceIndex, java.lang.String appName, ObjectRef lmgObjRef)
           
static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppLoginModuleAuthnDisplayProperties(int lmIndex, java.lang.String appName, ObjectRef lmgRef)
           
static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppLoginModuleAuthnProperties(int lmIndex, java.lang.String appName, ObjectRef lmgRef)
           
static LoginConfig.App[] getApps()
          Deprecated. As of 5.0 use getLoginApps().
static Session getConfiguratorSession(java.lang.String host, java.lang.String userName, EncryptedData pass, boolean allowPrompt)
          Create an administrative session as Configurator on the specified host.
static java.util.List getLocaleInfo()
           
static LoginApp getLoginApp(java.lang.String appName)
           
static LoginApp[] getLoginApps()
           
static ObjectRef getLoginModGrp(java.lang.String appName, GenericObject state)
          Return the login mod group per evaluated constraints
static java.lang.String getLoginWarningMessage(Session s)
          Extract the login message if any, else return null.
static Session getResetSession()
          Constructs and authenticates a session for internal use via the Reset account.
static java.lang.String getResLoginConfigAuthnPropertyDisplayName(java.lang.String resName, java.lang.String propName)
           
static LighthouseContext getServerInternalContext()
          Use this method with caution.
static Session getSession(LoginInfo info)
          Constructs and authenticates a session.
static Session getSession(LoginInfo info, java.util.Locale locale)
          Constructs and authenticates a session.
static Session getSession(java.lang.String user, EncryptedData password)
          Constructs and authenticates a session for an administrative user.
static Session getSession(java.lang.String user, EncryptedData password, java.lang.String appName, java.lang.String appType, java.util.Locale locale)
          Constructs and authenticates a session for a user based on user+password authentication.
static Session getSession(java.lang.String user, EncryptedData password, java.lang.String appName, java.lang.String appType, java.util.Locale locale, java.util.Map options)
          Constructs and authenticates a session for a user based on user+password authentication.
static Session getSession(java.lang.String user, EncryptedData password, java.lang.String appName, java.lang.String appType, ObjectRef lmgRef, java.util.Locale locale)
          Constructs and authenticates a session for a user based on user+password authentication.
static Session getSession(java.lang.String user, EncryptedData password, java.lang.String appName, java.lang.String appType, ObjectRef lmgRef, java.util.Locale locale, java.util.Map options)
          Constructs and authenticates a session for a user based on user+password authentication.
static Session getSession(java.lang.String appName, ObjectRef lmgRef, java.lang.String appType, java.lang.String loginMode)
           
static Session getSession(java.lang.String host, java.lang.String user, EncryptedData pass)
          Constructs and authenticates a session for an administrative user.
static Session getSession(java.lang.String host, java.lang.String user, EncryptedData pass, boolean allowPrompt)
          Create an administrative session on the specified host.
static Session getSession(java.lang.String appName, java.lang.String appType, java.lang.String loginMode)
           
static Session getSession(Subject subject, java.lang.String appName, java.lang.String appType)
          Constructs a session for the given subject.
static byte[] getSOAPKey()
          This should read a key that changes over time.
static java.lang.String getUidParameter(java.lang.String appName)
           
static java.lang.String getUidParameter(java.lang.String appName, ObjectRef lmgRef)
           
static Session getUserSession(java.lang.String user, EncryptedData password)
          Constructs and authenticates a session for an end user.
static Session getUserSession(java.lang.String user, java.util.Map answers)
          Constructs and authenticates a session for a user given a map of answers to authentication questions.
static Session getUserSession(java.lang.String user, java.util.Map answers, java.util.Locale locale)
          Constructs and authenticates a session for a user given a map of answers to authentication questions.
static boolean isUserInputRequired(int lceIndex, java.lang.String appName, ObjectRef lmgRef)
           
static boolean isUserInputRequired(java.lang.String appName, int lceIndex)
           
static boolean isUserInputRequired(java.lang.String appName, ObjectRef lmgRef)
           
static void poolSession(Session s)
          Return a session to the pool.
static Session poolSession(Session s, javax.servlet.http.HttpSession httpsession)
          See poolSession, above
static Session poolSession(Session s, javax.servlet.http.HttpSession httpsession, PageInformation p)
          Return a session to the pool.
static void shutdown()
          Cleanup when the server shuts down
static boolean startupMode()
          Determine if we're in startup mode or not by attempting to get the LoginConfig object.
static void userSessionDepooled(Session s)
           
static void userSessionPooled(Session s)
          A session has been added to the pool.
protected static void validateLmgRef(ObjectRef lmgRef)
           
 
Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait
 

Field Detail

code_id

public static final java.lang.String code_id
See Also:
Constant Field Values

trace

protected static Trace trace

LOCAL_HOST

public static final java.lang.String LOCAL_HOST
The name by which we refer to a session opened on a local repository. This means a direct LocalSession, not a RemoteSession.

See Also:
Constant Field Values
Constructor Detail

SessionFactory

public SessionFactory()
Method Detail

getSession

public static Session getSession(java.lang.String user,
                                 EncryptedData password)
                          throws WavesetException
Constructs and authenticates a session for an administrative user. This is simply shorthand for a common sequence of authentication steps.

The application is assumed to be the DEFAULT ADMIN app which is always configured to use the Waveset User Index for authentication

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String user,
                                 EncryptedData password,
                                 java.lang.String appName,
                                 java.lang.String appType,
                                 java.util.Locale locale,
                                 java.util.Map options)
                          throws WavesetException
Constructs and authenticates a session for a user based on user+password authentication. Note that this will not work properly if the app is configured for anything other than basic user+password authentication. Alternatively takes a map of login options.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String user,
                                 EncryptedData password,
                                 java.lang.String appName,
                                 java.lang.String appType,
                                 java.util.Locale locale)
                          throws WavesetException
Constructs and authenticates a session for a user based on user+password authentication. Note that this will not work properly if the app is configured for anything other than basic user+password authentication.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String user,
                                 EncryptedData password,
                                 java.lang.String appName,
                                 java.lang.String appType,
                                 ObjectRef lmgRef,
                                 java.util.Locale locale)
                          throws WavesetException
Constructs and authenticates a session for a user based on user+password authentication. Note that this will not work properly if the app is configured for anything other than basic user+password authentication.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String user,
                                 EncryptedData password,
                                 java.lang.String appName,
                                 java.lang.String appType,
                                 ObjectRef lmgRef,
                                 java.util.Locale locale,
                                 java.util.Map options)
                          throws WavesetException
Constructs and authenticates a session for a user based on user+password authentication. Note that this will not work properly if the app is configured for anything other than basic user+password authentication.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String host,
                                 java.lang.String user,
                                 EncryptedData pass)
                          throws WavesetException
Constructs and authenticates a session for an administrative user. This is simply shorthand for a common sequence of authentication steps.

Parameters:
host - - if specified as other than LOCAL_HOST, requests a RemoteSession on that host.

The application is assumed to be the DEFAULT ADMIN app which is always configured to use the Waveset User Index for authentication.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String host,
                                 java.lang.String user,
                                 EncryptedData pass,
                                 boolean allowPrompt)
                          throws WavesetException
Create an administrative session on the specified host.

Parameters:
allowPrompt - Prompt for a password if authentication fails.
Throws:
WavesetException

confirmConfiguratorSession

public static void confirmConfiguratorSession(Session s)
                                       throws WavesetException
Create an administrative session as Configurator on the specified host.

Throws:
WavesetException

getConfiguratorSession

public static Session getConfiguratorSession(java.lang.String host,
                                             java.lang.String userName,
                                             EncryptedData pass,
                                             boolean allowPrompt)
                                      throws WavesetException
Create an administrative session as Configurator on the specified host.

Parameters:
pass - password of Configurator user (if changed from the default)
allowPrompt - Prompt for a password if authentication fails.
Throws:
WavesetException

getResetSession

public static Session getResetSession()
                               throws WavesetException
Constructs and authenticates a session for internal use via the Reset account.

Throws:
WavesetException

getUserSession

public static Session getUserSession(java.lang.String user,
                                     EncryptedData password)
                              throws WavesetException
Constructs and authenticates a session for an end user. This is a conviencence wrapper that will authenticate and create an end user session.

The application name is SELFPROVISION and application type is USER_APP.

Throws:
WavesetException

getUserSession

public static Session getUserSession(java.lang.String user,
                                     java.util.Map answers)
                              throws WavesetException
Constructs and authenticates a session for a user given a map of answers to authentication questions. The map must also include the application name so question login processing can validate the answers against the set of questions defined for the login application name.

Throws:
WavesetException

getUserSession

public static Session getUserSession(java.lang.String user,
                                     java.util.Map answers,
                                     java.util.Locale locale)
                              throws WavesetException
Constructs and authenticates a session for a user given a map of answers to authentication questions. The map must also include the application name so question login processing can validate the answers against the set of questions defined for the login application name.

Throws:
WavesetException

getSession

public static Session getSession(LoginInfo info)
                          throws WavesetException
Constructs and authenticates a session.

This one assumes you've constructed the LoginInfo your own self.

Throws:
WavesetException

getSession

public static Session getSession(LoginInfo info,
                                 java.util.Locale locale)
                          throws WavesetException
Constructs and authenticates a session.

This one assumes you've constructed the LoginInfo your own self.

Throws:
WavesetException

getSession

public static Session getSession(java.lang.String appName,
                                 java.lang.String appType,
                                 java.lang.String loginMode)
                          throws WavesetException
Throws:
WavesetException

getSession

public static Session getSession(java.lang.String appName,
                                 ObjectRef lmgRef,
                                 java.lang.String appType,
                                 java.lang.String loginMode)
                          throws WavesetException
Throws:
WavesetException

validateLmgRef

protected static void validateLmgRef(ObjectRef lmgRef)
                              throws WavesetException
Throws:
WavesetException

getLocaleInfo

public static java.util.List getLocaleInfo()

getResLoginConfigAuthnPropertyDisplayName

public static java.lang.String getResLoginConfigAuthnPropertyDisplayName(java.lang.String resName,
                                                                         java.lang.String propName)
                                                                  throws WavesetException
Throws:
WavesetException

getLoginModGrp

public static ObjectRef getLoginModGrp(java.lang.String appName,
                                       GenericObject state)
                                throws WavesetException
Return the login mod group per evaluated constraints

Throws:
WavesetException

getUidParameter

public static java.lang.String getUidParameter(java.lang.String appName)
                                        throws WavesetException
Throws:
WavesetException

getUidParameter

public static java.lang.String getUidParameter(java.lang.String appName,
                                               ObjectRef lmgRef)
                                        throws WavesetException
Throws:
WavesetException

startupMode

public static boolean startupMode()
                           throws WavesetException
Determine if we're in startup mode or not by attempting to get the LoginConfig object. If not found, we're inn startup mode.

Throws:
WavesetException

getLoginApps

public static LoginApp[] getLoginApps()
                               throws WavesetException
Throws:
WavesetException

getLoginApp

public static LoginApp getLoginApp(java.lang.String appName)
                            throws WavesetException
Throws:
WavesetException

isUserInputRequired

public static boolean isUserInputRequired(java.lang.String appName,
                                          ObjectRef lmgRef)
                                   throws WavesetException
Throws:
WavesetException

isUserInputRequired

public static boolean isUserInputRequired(int lceIndex,
                                          java.lang.String appName,
                                          ObjectRef lmgRef)
                                   throws WavesetException
Throws:
WavesetException

isUserInputRequired

public static boolean isUserInputRequired(java.lang.String appName,
                                          int lceIndex)
                                   throws WavesetException
Throws:
WavesetException

appLoginConfigEntryContainsNonUserAuthnProperties

public static boolean appLoginConfigEntryContainsNonUserAuthnProperties(java.lang.String appName,
                                                                        int lceIndex)
                                                                 throws WavesetException
Throws:
WavesetException

appLoginConfigEntryContainsNonUserAuthnProperties

public static boolean appLoginConfigEntryContainsNonUserAuthnProperties(int lceIndex,
                                                                        java.lang.String appName,
                                                                        ObjectRef lmgRef)
                                                                 throws WavesetException
Throws:
WavesetException

appLoginConfigContainsNonUserAuthnProperties

public static boolean appLoginConfigContainsNonUserAuthnProperties(java.lang.String appName)
                                                            throws WavesetException
Throws:
WavesetException

appLoginConfigContainsNonUserAuthnProperties

public static boolean appLoginConfigContainsNonUserAuthnProperties(java.lang.String appName,
                                                                   ObjectRef lmgRef)
                                                            throws WavesetException
Throws:
WavesetException

getAppLoginConfigEntryNonUserAuthnProperties

public static java.util.List getAppLoginConfigEntryNonUserAuthnProperties(java.lang.String appName,
                                                                          int lceIndex)
                                                                   throws WavesetException
Throws:
WavesetException

getAppLoginConfigEntryNonUserAuthnProperties

public static java.util.List getAppLoginConfigEntryNonUserAuthnProperties(int lceIndex,
                                                                          java.lang.String appName,
                                                                          ObjectRef lmgRef)
                                                                   throws WavesetException
Throws:
WavesetException

getAppLoginConfigEntryRef

public static LoginModGroup.LoginConfigEntryRef getAppLoginConfigEntryRef(int lceIndex,
                                                                          java.lang.String appName,
                                                                          ObjectRef lmgObjRef)
                                                                   throws WavesetException
Throws:
WavesetException

getAppAuthnProperties

public static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnProperties(java.lang.String appName,
                                                                                 ObjectRef lmgRef)
                                                                          throws WavesetException
Throws:
WavesetException

getAppLoginModuleAuthnProperties

public static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppLoginModuleAuthnProperties(int lmIndex,
                                                                                            java.lang.String appName,
                                                                                            ObjectRef lmgRef)
                                                                                     throws WavesetException
Throws:
WavesetException

getAppLoginModuleAuthnDisplayProperties

public static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppLoginModuleAuthnDisplayProperties(int lmIndex,
                                                                                                   java.lang.String appName,
                                                                                                   ObjectRef lmgRef)
                                                                                            throws WavesetException
Throws:
WavesetException

getAppAuthnDisplayProperties

public static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnDisplayProperties(java.lang.String appName)
                                                                                 throws WavesetException
Throws:
WavesetException

getAppAuthnDisplayProperties

public static LoginConfig.LoginConfigEntry.AuthnProperty[] getAppAuthnDisplayProperties(java.lang.String appName,
                                                                                        ObjectRef lmgRef)
                                                                                 throws WavesetException
Throws:
WavesetException

convertLceRefs

public static LoginModGroup.LoginConfigEntryRef[] convertLceRefs(LoginConfig.App.LoginConfigEntryRef[] lcerefs)
                                                          throws WavesetException
Throws:
WavesetException

getApp

public static LoginConfig.App getApp(java.lang.String appName)
                              throws WavesetException
Deprecated. As of 5.0 use getLoginApp(String appName).

Throws:
WavesetException

getApps

public static LoginConfig.App[] getApps()
                                 throws WavesetException
Deprecated. As of 5.0 use getLoginApps().

Throws:
WavesetException

getSession

public static Session getSession(Subject subject,
                                 java.lang.String appName,
                                 java.lang.String appType)
                          throws WavesetException
Constructs a session for the given subject.

This should be used only in situations where the Subject has been properly authenticated once. It is intended for use by the JSP-based GUIs, where the Subject may be serialized in the HttpSession, but the entire LocalSession cannot. We will use a session pool to speed up construction.

Throws:
WavesetException

getServerInternalContext

public static LighthouseContext getServerInternalContext()
                                                  throws WavesetException
Use this method with caution. It returns a LighthouseContext that is fully authorized, i.e. it can do anything. Use it with caution. It was primarily added to provide equivalent functionality for the now deprecated IDMXContextFactory.getInternalContext().

Throws:
WavesetException

checkForTerminatedSession

public static void checkForTerminatedSession(Subject subject)
                                      throws WavesetException
Throws:
WavesetException

poolSession

public static void poolSession(Session s)
Return a session to the pool. Normally this is done for sessions returned by getSession(Subject) though you can pool any session.


poolSession

public static Session poolSession(Session s,
                                  javax.servlet.http.HttpSession httpsession,
                                  PageInformation p)
Return a session to the pool. Normally this is done for sessions returned by getSession(Subject) though you can pool any session.


poolSession

public static Session poolSession(Session s,
                                  javax.servlet.http.HttpSession httpsession)
See poolSession, above


clearUserPool

public static void clearUserPool()

shutdown

public static void shutdown()
Cleanup when the server shuts down


getSOAPKey

public static byte[] getSOAPKey()
                         throws WavesetException
This should read a key that changes over time. It just returns a static for now. This needs to call something to get the site key when that is implemented.

Throws:
WavesetException

getLoginWarningMessage

public static java.lang.String getLoginWarningMessage(Session s)
Extract the login message if any, else return null.


userSessionPooled

public static void userSessionPooled(Session s)
A session has been added to the pool. Check to see if the oldest item in the pool has expired.


userSessionDepooled

public static void userSessionDepooled(Session s)