Package com.caplin.signon

Class SessionData

java.lang.Object
com.caplin.signon.SessionData
All Implemented Interfaces:
Serializable
public class SessionData extends Object implements Serializable

The SessionData object records the state of the sign-on process. It is passed to the KeyMaster servlet once the user has successfully signed on to the required level; for example, when they have passed the second stage of a two factor (2FA) authentication procedure.

The object is saved in the servlet session under the key SESSION_DATA_KEY ("caplin.signon").

The Authentication Filter, sitting above the KeyMaster Servlet, uses this data to prevent access to the KeyMaster servlet until the user is signed on to the required level (the required level is specified in the filter parameter allowed.auth.levels - see configuring the authentication filter on the Overview page.

See Also:

  • Field Details

    • SESSION_DATA_KEY

      public static final String SESSION_DATA_KEY
      The key used to save this object in the servlet session data
      See Also:

    • LEVEL_1FA

      public static final String LEVEL_1FA
      String constant for single factor authentication (1FA) level
      See Also:

    • LEVEL_2FA

      public static final String LEVEL_2FA
      String constant for two factor authentication (2FA) level
      See Also:

    • LEVEL_SSO

      public static final String LEVEL_SSO
      String constant for SSO level
      See Also:

    • SCHEME_USER

      public static final String SCHEME_USER
      String constant user authentication i.e. checking user and password
      See Also:

    • SCHEME_SMS

      public static final String SCHEME_SMS
      String constant specifying 2FA SMS authentication i.e. checking SMS token
      See Also:

    • SCHEME_TOKEN

      public static final String SCHEME_TOKEN
      String constant specifying 2FA TOKEN authentication i.e. checking a hardware generated token
      See Also:

    • SIGNON_USERNAME

      public static final String SIGNON_USERNAME
      See Also:

  • Constructor Details

    • SessionData

      public SessionData()
      Constructor called by Signon servlet to create a signon session data object that will be stored in servlet session under the key SESSION_DATA_KEY ("caplin.signon").

  • Method Details

    • clear

      public void clear()
      Clears all fields in this object

    • getLevel

      public String getLevel()

      Gets the current authentication level.

      Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.

      Returns:
      the current signon level

    • setLevel

      public void setLevel(String value)

      Sets the current authentication level.

      Commonly used values are defined in constants of the form LEVEL_<LEVEL_NAME>.

      Parameters:
      value - the new signon level

    • getUserName

      public String getUserName()
      Gets the username of the user associated with the current servlet session.
      Returns:
      the username

    • setUserName

      public void setUserName(String value)
      Sets the username associated with the current servlet session.
      Parameters:
      value - the username

    • setField

      public void setField(String name, Object value)

      Sets the name and value of an additional field that needs to be saved between authentication requests or needs to be to be passed to a custom Authentication filter or custom KeyMaster servlet.

      Parameters:
      name - a name for the field
      value - the value of the field

    • getField

      public Object getField(String name)

      Gets the value of an additional field that was set by a call to setField(String, Object).

      Parameters:
      name - the name of the field to retrieve
      Returns:
      the value of the field, or null if the field is not found.

    • setScheme

      public void setScheme(String value)

      Sets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>

      Parameters:
      value - the new scheme value

    • getScheme

      public String getScheme()

      Gets the current authentication scheme. Commonly used values are defined in constants of the form SCHEME_<SCHEME_NAME>

      Returns:
      the current scheme value

    • setSentScheme

      public void setSentScheme(String value)

      Sets the value of the authentication scheme that was specified in a /sendtoken request received by the SignOn servlet. This value can be used to check the next received /authenticate request.

      Parameters:
      value - the value of the scheme requested in a sendtoken request

    • getSentScheme

      public String getSentScheme()

      Gets the value of the authentication scheme that was recorded by the last call to setSentScheme(String).

      Returns:
      the sent scheme value

    • setSentSchemeToken

      public void setSentSchemeToken(String value)

      Sets the value of the 2FA token sent to the user for the authentication scheme that was recorded by the last call to setSentScheme(String). (The token was sent in response to a /sendtoken request - see Request handling on the Overview page.)

      Parameters:
      value - the token sent to the user

    • getSentSchemeToken

      public String getSentSchemeToken()

      Gets the value of the 2FA token recorded in the last call to setSentSchemeToken(String). This is used to check the value submitted on the next /authenticate request.

      Returns:
      the value of the 2FA token

    • setKeyMasterExtraDataToSign

      public void setKeyMasterExtraDataToSign(String value)

      Sets a value that can be used by the KeyMaster servlet to add extra data to the KeyMaster credentials token.

      Parameters:
      value - the extra data to set

    • getKeyMasterExtraDataToSign

      public String getKeyMasterExtraDataToSign()

      Gets the value of the extra data that is to be added to the KeyMaster credentials token and digitally signed.

      Returns:
      the value of the keymaster extra data to sign field or null if there isn't any.

    • setKeyMasterMappingData

      public void setKeyMasterMappingData(Map<String,String> value)

      Sets a map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page

      Parameters:
      value - the map of data to add to the KeyMaster token.

    • getKeyMasterMappingData

      public Map<String,String> getKeyMasterMappingData()

      Gets the map of extra name-value pairs that will be added to the KeyMaster credentials token generated by the KeyMaster servlet. See KeyMasterMappingData in Configuring the KeyMaster servlet on the Overview page

      Returns:
      the value of the KeyMaster mapping data

    • toString

      public String toString()
      Overrides:
      toString in class Object