| Package | Description |
|---|---|
| com.iplanet.sso |
This package contains classes fro accessing the Single Sign On service and
representing a SSOToken(Single Sign On) which contains the information
related to session.
|
| com.iplanet.sso.providers.dpro |
This package contains classes that represent SSOProvider
|
| com.sun.identity.authentication |
Provides interfaces and classes for writing a Remote Java client application
to authenticate to OpenAM.
|
| com.sun.identity.authentication.server |
This package contains the classes that represent server side
functionality such as the implementation of request for
authenticating, user credential callbacks.
|
| com.sun.identity.authentication.spi |
Provides interfaces and classes for writing a supplemental authentication
module to plug into OpenAM.
|
| com.sun.identity.idm |
Provides classes for accessing the Identity Repository interfaces.
|
| com.sun.identity.policy |
Provides classes for policy administration and evaluation.
|
| com.sun.identity.policy.interfaces |
Deprecated interfaces for writing custom Policy plugins for Conditions,
Subjects, Referrals, ResponseProviders and Resources.
|
| com.sun.identity.security |
Provides the classes to be used for performing privileged operations (like
getting the OpenAM administrator's DN and password).
|
| com.sun.identity.sm |
Provides classes for accessing the Service Management Service (SMS).
|
| org.forgerock.openam.secrets |
The AM supporting classes for centrally configuring secrets.
|
| org.forgerock.openam.session.service |
Defines interfaces and classes for the Session Service.
|
| org.forgerock.openam.sts.tokengeneration.oidc |
This package contains classes defining OpenId Connect Token generation and claim mapping.
|
| org.forgerock.openam.sts.tokengeneration.saml2.statements |
This package contains classes defining the interfaces consumed to obtain the various statements contituting SAML2
assertions.
|
| org.forgerock.openam.upgrade |
Defines interfaces and classes to perform OpenAM system upgrade.
|
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
SSOTokenManager.createSSOToken(javax.servlet.http.HttpServletRequest request)
Creates a single sign on token from
HttpServletRequest |
SSOToken |
SSOTokenManager.createSSOToken(String tokenId)
Creates a single sign on token from the single sign
on token ID.
|
SSOToken |
SSOTokenManager.createSSOToken(String tokenId,
String clientIP)
Creates a single sign on token from the single sign
on token ID.
|
SSOToken |
SSOTokenEvent.getToken()
Returns the
SSOToken associated with the SSO Token event. |
| Modifier and Type | Method and Description |
|---|---|
String |
SSOToken.dereferenceRestrictedTokenID(SSOToken requester,
String restrictedId)
Given a restricted token, returns the SSOTokenID of the master token can only be used if the requester is an
app token.
|
void |
SSOTokenManager.destroyToken(SSOToken token)
Destroys a single sign on token.
|
void |
SSOTokenManager.destroyToken(SSOToken destroyer,
SSOToken destroyed)
Destroys a single sign on token.
|
Set |
SSOTokenManager.getValidSessions(SSOToken requester,
String server)
Returns a list of single sign on token objects
which correspond to valid Sessions accessible to requester.
|
boolean |
SSOTokenManager.isValidToken(SSOToken token)
Returns true if a single sign on token is valid.
|
boolean |
SSOTokenManager.isValidToken(SSOToken token,
boolean resetIdleTime)
Returns true if a single sign on token is valid, resetting the token's idle time
if and only if the flag allows us to.
|
void |
SSOTokenManager.refreshSession(SSOToken token)
Refresh the Session corresponding to the single
sign on token from the Session Server.
|
void |
SSOTokenManager.validateToken(SSOToken token)
Returns true if the single sign on token is valid.
|
| Modifier and Type | Method and Description |
|---|---|
Set<SSOToken> |
SSOProviderImpl.getValidSessions(SSOToken requester,
String server)
Deprecated.
since 14.0.0
|
| Modifier and Type | Method and Description |
|---|---|
void |
SSOProviderImpl.destroyToken(SSOToken destroyer,
SSOToken destroyed)
Destroys a single sign on token.
|
Set<SSOToken> |
SSOProviderImpl.getValidSessions(SSOToken requester,
String server)
Deprecated.
since 14.0.0
|
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
AuthContext.getSSOToken()
Returns the Single-Sign-On (SSO) Token for the authenticated
user.
|
| Constructor and Description |
|---|
AuthContext(SSOToken ssoToken)
Constructs an instance of
AuthContext for a given
organization name, or sub organization name contained in the
single sign on token. |
AuthContext(SSOToken ssoToken,
boolean forceAuth)
Constructs an instance of
AuthContext for a given
organization name, or sub organization name contained in the
single sign on token. |
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
AuthContextLocal.getSSOToken()
Returns the Single-Sign-On (SSO) Token for the authenticated
user.Single-Sign-On token can be used as the authenticated token.
|
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
AMLoginModule.getSSOSession()
Returns an administration SSOToken for use the OpenAM APIs.
|
| Modifier and Type | Method and Description |
|---|---|
Set<SSOToken> |
AMLoginModule.getUserSessions(String userName)
Returns the set of SSOTokens for a specified user
|
| Modifier and Type | Method and Description |
|---|---|
void |
AMPostAuthProcessInterface.onLoginSuccess(Map requestParamsMap,
javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
SSOToken ssoToken)
Post processing on successful authentication.
|
void |
AMPostAuthProcessInterface.onLogout(javax.servlet.http.HttpServletRequest request,
javax.servlet.http.HttpServletResponse response,
SSOToken ssoToken)
Post processing on Logout.
|
| Modifier and Type | Method and Description |
|---|---|
abstract int |
IdRepo.addListener(SSOToken token,
IdRepoListener listener)
Adds a listener for changes in the repository
|
abstract void |
IdRepo.assignService(SSOToken token,
IdType type,
String name,
String serviceName,
SchemaType stype,
Map<String,Set<String>> attrMap)
This method is used to assign a service to the given identity.
|
void |
IdRepo.changePassword(SSOToken token,
IdType type,
String name,
String attrName,
String oldPassword,
String newPassword)
Changes password of identity.
|
abstract String |
IdRepo.create(SSOToken token,
IdType type,
String name,
Map<String,Set<String>> attrMap)
Creates an identity.
|
abstract void |
IdRepo.delete(SSOToken token,
IdType type,
String name)
Deletes an identity.
|
abstract Set<String> |
IdRepo.getAssignedServices(SSOToken token,
IdType type,
String name,
Map<String,Set<String>> mapOfServicesAndOCs)
Returns the set of services assigned to this identity.
|
abstract Map<String,Set<String>> |
IdRepo.getAttributes(SSOToken token,
IdType type,
String name)
Returns all attributes and values of name object
|
abstract Map<String,Set<String>> |
IdRepo.getAttributes(SSOToken token,
IdType type,
String name,
Set<String> attrNames)
Returns requested attributes and values of name object.
|
abstract Map<String,byte[][]> |
IdRepo.getBinaryAttributes(SSOToken token,
IdType type,
String name,
Set<String> attrNames)
Returns requested binary attributes as an array of bytes.
|
abstract Map<String,byte[][]> |
IdRepo.getBinaryServiceAttributes(SSOToken token,
IdType type,
String name,
String serviceName,
Set<String> attrNames)
Returns the requested binary attribute values of the service attributes
as an array of bytes.
|
String |
IdRepo.getFullyQualifiedName(SSOToken token,
IdType type,
String name)
Returns the fully qualified name for the identity.
|
static AMIdentity |
IdUtils.getIdentity(SSOToken token) |
static AMIdentity |
IdUtils.getIdentity(SSOToken token,
String univId) |
abstract Set<String> |
IdRepo.getMembers(SSOToken token,
IdType type,
String name,
IdType membersType)
Returns the memberships of an identity.
|
abstract Set<String> |
IdRepo.getMemberships(SSOToken token,
IdType type,
String name,
IdType membershipType)
Returns the memberships of an identity.
|
abstract Map<String,Set<String>> |
IdRepo.getServiceAttributes(SSOToken token,
IdType type,
String name,
String serviceName,
Set<String> attrNames)
Returns the attribute values of the service attributes.
|
boolean |
IdRepo.isActive(SSOToken token,
IdType type,
String name)
Returns true if the
name object is active. |
abstract boolean |
IdRepo.isExists(SSOToken token,
IdType type,
String name)
Returns true if the
name object exists in the data store. |
abstract void |
IdRepo.modifyMemberShip(SSOToken token,
IdType type,
String name,
Set<String> members,
IdType membersType,
int operation)
Modify membership of the identity.
|
abstract void |
IdRepo.modifyService(SSOToken token,
IdType type,
String name,
String serviceName,
SchemaType sType,
Map<String,Set<String>> attrMap)
Modifies the attribute values of the service attributes.
|
abstract void |
IdRepo.removeAttributes(SSOToken token,
IdType type,
String name,
Set<String> attrNames)
Removes the attributes from the identity.
|
abstract RepoSearchResults |
IdRepo.search(SSOToken token,
IdType type,
CrestQuery crestQuery,
int maxTime,
int maxResults,
Set<String> returnAttrs,
boolean returnAllAttrs,
int filterOp,
Map<String,Set<String>> avPairs,
boolean recursive)
Search for specific type of identities using a CrestQuery object instead of a string.
|
abstract void |
IdRepo.setActiveStatus(SSOToken token,
IdType type,
String name,
boolean active)
Sets the object's status to
active. |
abstract void |
IdRepo.setAttributes(SSOToken token,
IdType type,
String name,
Map<String,Set<String>> attributes,
boolean isAdd)
Set the values of attributes of the identity.
|
abstract void |
IdRepo.setBinaryAttributes(SSOToken token,
IdType type,
String name,
Map<String,byte[][]> attributes,
boolean isAdd)
Set the values of binary attributes the identity.
|
abstract void |
IdRepo.unassignService(SSOToken token,
IdType type,
String name,
String serviceName,
Map<String,Set<String>> attrMap)
If the service is already assigned to the identity then
this method unassigns the service and removes the related
attributes from the entry.
|
| Constructor and Description |
|---|
AMIdentity(SSOToken ssotoken) |
AMIdentity(SSOToken ssotoken,
String universalId) |
AMIdentityRepository(SSOToken ssotoken,
String realmName)
Deprecated.
in 13.0.0, use
AMIdentityRepository.AMIdentityRepository(String, com.iplanet.sso.SSOToken) instead |
AMIdentityRepository(String realmName,
SSOToken ssoToken) |
| Modifier and Type | Method and Description |
|---|---|
void |
Policy.addRealmSubject(SSOToken token,
String subjectName,
String realmName,
boolean exclusive)
Deprecated.
Adds a reference in the policy to a Subject defined at the realm.
|
PolicyDecision |
PolicyEvaluator.getPolicyDecision(SSOToken token,
String resourceName,
Set actionNames,
Map envParameters)
Deprecated.
Evaluates privileges of the user to perform the specified actions
on the specified resource.
|
ProxyPolicyEvaluator |
ProxyPolicyEvaluatorFactory.getProxyPolicyEvaluator(SSOToken token,
String serviceType)
Deprecated.
Gets an instance of
ProxyPolicyEvaluator. |
Set |
PolicyEvaluator.getResourceResults(SSOToken userToken,
String resourceName,
String scope,
Map envParameters)
Deprecated.
Gets resource result objects given a resource name.
|
boolean |
PolicyEvaluator.isAllowed(SSOToken token,
String resourceName,
String actionName,
Map envParameters)
Deprecated.
Evaluates simple privileges of boolean type.
|
void |
Policy.store(SSOToken token,
String name)
Deprecated.
Stores the policy object in a persistent data store
under the organization, sub-organization or a container
object, specified as a parameter.
|
| Constructor and Description |
|---|
PolicyManager(SSOToken token)
Deprecated.
Constructor for
PolicyManager for the
top (or root) organization. |
PolicyManager(SSOToken token,
String name)
Deprecated.
Constructor for
PolicyManager for the
specified organization, sub organization or a container object. |
| Modifier and Type | Method and Description |
|---|---|
ConditionDecision |
Condition.getConditionDecision(SSOToken token,
Map<String,Set<String>> env)
Deprecated.
Gets the decision computed by this condition object, based on the
Map of environment parameters |
PolicyDecision |
Referral.getPolicyDecision(SSOToken token,
String resourceType,
String resourceName,
Set actionNames,
Map envParameters)
Deprecated.
Gets policy results
|
Set |
Referral.getResourceNames(SSOToken token,
String serviceTypeName,
String resourceName)
Deprecated.
Gets resource names that are exact matches, sub resources or
wild card matches of argument resource name.
|
Map |
ResponseProvider.getResponseDecision(SSOToken token,
Map env)
Deprecated.
Gets the response attributes computed by this ResponseProvider object,
based on the
SSOToken and Map of
environment parameters. |
ValidValues |
Subject.getValidValues(SSOToken token)
Deprecated.
Returns a list of possible values for the
Subject
. |
ValidValues |
Referral.getValidValues(SSOToken token)
Deprecated.
Gets the valid values for this referral
|
ValidValues |
Subject.getValidValues(SSOToken token,
String pattern)
Deprecated.
Returns a list of possible values for the
Subject
that satisfy the given pattern. |
ValidValues |
Referral.getValidValues(SSOToken token,
String pattern)
Deprecated.
Gets the valid values for this referral
matching a pattern
|
Syntax |
Subject.getValueSyntax(SSOToken token)
Deprecated.
Returns the syntax of the values the
Subject implementation can have. |
Syntax |
Referral.getValueSyntax(SSOToken token)
Deprecated.
Gets the syntax for the value
|
boolean |
Subject.isMember(SSOToken token)
Deprecated.
Determines if the user belongs to this instance
of the
Subject object. |
| Modifier and Type | Method and Description |
|---|---|
SSOToken |
AppSSOTokenProvider.getAppSSOToken()
Returns application single sign on token.
|
SSOToken |
AdminTokenAction.run() |
| Constructor and Description |
|---|
OrganizationConfigManager(SSOToken token,
String orgName)
Constructor to obtain an instance of
OrganizationConfigManager
for an organization by providing
an authenticated identity of the user. |
ServiceConfigManager(SSOToken token,
String serviceName,
String version)
Creates an instance of
ServiceConfigManager for the given service and version. |
ServiceManager(SSOToken token)
Creates an instance of
ServiceManager. |
ServiceSchemaManager(SSOToken token,
String serviceName,
String version,
DataStoreId dataStoreId,
boolean isSaved)
Creates an instance of
ServiceSchemaManager for the given service and version pair. |
| Modifier and Type | Method and Description |
|---|---|
static void |
SecretsUtils.createKeyStorePurposeMapping(SecretIdRegistry secretIdRegistry,
KeyStoreSecretStore keyStore,
String purposeLabel,
List<String> aliases,
Optional<Realm> realm,
SSOToken authorizationToken)
Creates a global purpose and adds a mapping for it to the given key alias in the given keystore.
|
default com.google.common.collect.Multimap<String,String> |
SecretIdProvider.getGlobalMultiInstanceSecretIds(SSOToken authorizationToken)
Returns the secret IDs used by global multi-instance services, e.g.
|
default com.google.common.collect.Multimap<String,String> |
SecretIdProvider.getRealmMultiInstanceSecretIds(SSOToken authorizationToken,
Realm realm)
Returns the secret IDs used by realm level multi-instance services, e.g.
|
| Modifier and Type | Method and Description |
|---|---|
void |
SessionTimeoutHandler.onIdleTimeout(SSOToken token)
Executed on idle timeout
|
void |
SessionTimeoutHandler.onMaxTimeout(SSOToken token)
Executed on max timeout
|
| Modifier and Type | Method and Description |
|---|---|
Map<String,String> |
OpenIdConnectTokenClaimMapper.getCustomClaims(SSOToken token,
Map<String,String> claimMap) |
| Modifier and Type | Method and Description |
|---|---|
List<AuthzDecisionStatement> |
AuthzDecisionStatementsProvider.get(SSOToken ssoToken,
SAML2Config config) |
List<AttributeStatement> |
AttributeStatementsProvider.get(SSOToken ssoToken,
SAML2Config saml2Config,
AttributeMapper attributeMapper)
Invoked to obtain the List of AttributeStatement instances to be included in the generated SAML2 assertion.
|
List<Attribute> |
AttributeMapper.getAttributes(SSOToken token,
Map<String,String> attributeMap)
Gets a list of populated SAML2 Attribute instances.
|
| Modifier and Type | Method and Description |
|---|---|
static void |
UpgradeUtils.addAttributeToSchema(String serviceName,
String subSchemaName,
String schemaType,
Node attributeSchemaNode,
SSOToken adminToken)
Adds new attribute schema to an existing service.
|
static void |
UpgradeUtils.removeAttributeSchema(String serviceName,
String subSchemaName,
String schemaType,
String attributeName,
SSOToken adminToken)
Remove an attribute schema from an existing service.
|
static void |
UpgradeUtils.replaceAttributeSchema(String serviceName,
String subSchemaName,
String schemaType,
String attributeName,
SSOToken adminToken,
Node attributeSchemaNode)
Replace an attribute schema from an existing service with the new one
|
Copyright © 2010-2018, ForgeRock All Rights Reserved.