ServletJwtSessionModule (OpenAM Server Only 6.5.5 Documentation)

java.lang.Object
- org.forgerock.jaspi.modules.session.jwt.AbstractJwtSessionModule<Cookie>
- - org.forgerock.jaspi.modules.session.jwt.ServletJwtSessionModule

All Implemented Interfaces:

javax.security.auth.message.module.ServerAuthModule, javax.security.auth.message.ServerAuth
```
public class ServletJwtSessionModule
extends AbstractJwtSessionModule<Cookie>
implements javax.security.auth.message.module.ServerAuthModule
```
A JASPI Servlet API Session Module which creates a JWT when securing the response from a successful authentication and sets it as a Cookie on the response. Then on subsequent requests checks for the presents of the JWT as a Cookie on the request and validates the signature and decrypts it and checks the expiration time of the JWT.

Field Summary
- Fields inherited from class org.forgerock.jaspi.modules.session.jwt.AbstractJwtSessionModule
  BROWSER_SESSION_ONLY_KEY, COOKIE_DOMAINS_KEY, HMAC_SIGNING_KEY, HTTP_ONLY_COOKIE_KEY, JWT_VALIDATED_KEY, KEY_ALIAS_KEY, KEYSTORE_FILE_KEY, KEYSTORE_PASSWORD_KEY, KEYSTORE_TYPE_KEY, LOGOUT_SESSION_REQUEST_ATTRIBUTE_NAME, MAX_TOKEN_LIFE_IN_MINUTES_KEY, MAX_TOKEN_LIFE_IN_SECONDS_KEY, PRIVATE_KEY_PASSWORD_KEY, SECURE_COOKIE_KEY, SESSION_COOKIE_NAME_KEY, TOKEN_IDLE_TIME_IN_MINUTES_CLAIM_KEY, TOKEN_IDLE_TIME_IN_SECONDS_CLAIM_KEY

Constructor Summary

Constructors
Constructor and Description
`ServletJwtSessionModule()` Constructs an instance of the ServletJwtSessionModule.
`ServletJwtSessionModule(JwtBuilderFactory jwtBuilderFactory)` Constructs an instance of the ServletJwtSessionModule.
`ServletJwtSessionModule(JwtBuilderFactory jwtBuilderFactory, JwtCryptographyHandler jwtCryptographyHandler)` Constructs an instance of the ServletJwtSessionModule.
`ServletJwtSessionModule(JwtCryptographyHandler jwtCryptographyHandler)` Constructs an instance of the ServletJwtSessionModule.

Method Summary

All Methods Instance Methods Concrete Methods
Modifier and Type	Method and Description
`void`	`cleanSubject(javax.security.auth.message.MessageInfo messageInfo, Subject subject)`
`Cookie`	`findJwtSessionCookie(javax.security.auth.message.MessageInfo messageInfo)` Find a session cookie in the given message info.
`Class[]`	`getSupportedMessageTypes()`
`void`	`initialize(javax.security.auth.message.MessagePolicy requestPolicy, javax.security.auth.message.MessagePolicy responsePolicy, CallbackHandler callbackHandler, Map options)`
`javax.security.auth.message.AuthStatus`	`secureResponse(javax.security.auth.message.MessageInfo messageInfo, Subject subject)`
`Jwt`	`validateJwtSessionCookie(javax.security.auth.message.MessageInfo messageInfo)` Validates if the Jwt Session Cookie is valid and the idle timeout or max life has expired.
`javax.security.auth.message.AuthStatus`	`validateRequest(javax.security.auth.message.MessageInfo messageInfo, Subject clientSubject, Subject serviceSubject)`

Methods inherited from class org.forgerock.jaspi.modules.session.jwt.AbstractJwtSessionModule
deleteSessionJwtCookie, getContextMap, initialize, rebuildEncryptedJwt, secureResponse, validateRequest

Methods inherited from class java.lang.Object
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait

Constructor Detail
- ServletJwtSessionModule
```
public ServletJwtSessionModule()
```
  Constructs an instance of the ServletJwtSessionModule.
- ServletJwtSessionModule
```
public ServletJwtSessionModule(JwtBuilderFactory jwtBuilderFactory)
```
  Constructs an instance of the ServletJwtSessionModule.
  
  Parameters:
  
  jwtBuilderFactory - An instance of the jwtBuilderFactory.
- ServletJwtSessionModule
```
public ServletJwtSessionModule(JwtCryptographyHandler jwtCryptographyHandler)
```
  Constructs an instance of the ServletJwtSessionModule.
  
  Parameters:
  
  jwtCryptographyHandler - The JwtCryptographyHandler to use.
- ServletJwtSessionModule
```
public ServletJwtSessionModule(JwtBuilderFactory jwtBuilderFactory,
                               JwtCryptographyHandler jwtCryptographyHandler)
```
  Constructs an instance of the ServletJwtSessionModule.
  
  Parameters:
  
  jwtBuilderFactory - An instance of the jwtBuilderFactory.
  
  jwtCryptographyHandler - The JwtCryptographyHandler to use.

Method Detail

initialize

public void initialize(javax.security.auth.message.MessagePolicy requestPolicy,
                       javax.security.auth.message.MessagePolicy responsePolicy,
                       CallbackHandler callbackHandler,
                       Map options)
                throws javax.security.auth.message.AuthException

Specified by:: initialize in interface javax.security.auth.message.module.ServerAuthModule
Throws:: javax.security.auth.message.AuthException

getSupportedMessageTypes
```
public Class[] getSupportedMessageTypes()
```
Specified by:

getSupportedMessageTypes in interface javax.security.auth.message.module.ServerAuthModule

validateRequest

public javax.security.auth.message.AuthStatus validateRequest(javax.security.auth.message.MessageInfo messageInfo,
                                                              Subject clientSubject,
                                                              Subject serviceSubject)
                                                       throws javax.security.auth.message.AuthException

Specified by:: validateRequest in interface javax.security.auth.message.ServerAuth
Throws:: javax.security.auth.message.AuthException

validateJwtSessionCookie
```
public Jwt validateJwtSessionCookie(javax.security.auth.message.MessageInfo messageInfo)
```
Description copied from class: AbstractJwtSessionModule

Validates if the Jwt Session Cookie is valid and the idle timeout or max life has expired.

Overrides:

validateJwtSessionCookie in class AbstractJwtSessionModule<Cookie>

Parameters:

messageInfo - The MessageInfo instance.

Returns:

The Jwt if successfully validated otherwise null.

findJwtSessionCookie
```
public Cookie findJwtSessionCookie(javax.security.auth.message.MessageInfo messageInfo)
```
Find a session cookie in the given message info.

Parameters:

messageInfo - The message info.

Returns:

The cookie, or null.

secureResponse

public javax.security.auth.message.AuthStatus secureResponse(javax.security.auth.message.MessageInfo messageInfo,
                                                             Subject subject)
                                                      throws javax.security.auth.message.AuthException

Specified by:: secureResponse in interface javax.security.auth.message.ServerAuth
Throws:: javax.security.auth.message.AuthException

cleanSubject

public void cleanSubject(javax.security.auth.message.MessageInfo messageInfo,
                         Subject subject)

Specified by:: cleanSubject in interface javax.security.auth.message.ServerAuth

Class ServletJwtSessionModule

Field Summary

Fields inherited from class org.forgerock.jaspi.modules.session.jwt.AbstractJwtSessionModule

Constructor Summary

Method Summary

Methods inherited from class org.forgerock.jaspi.modules.session.jwt.AbstractJwtSessionModule

Methods inherited from class java.lang.Object

Constructor Detail

ServletJwtSessionModule

ServletJwtSessionModule

ServletJwtSessionModule

ServletJwtSessionModule

Method Detail

initialize

getSupportedMessageTypes

validateRequest

validateJwtSessionCookie

findJwtSessionCookie

secureResponse

cleanSubject