Package pl.edu.icm.unity.engine.api.session

Interface SessionManagement

public interface SessionManagement
Internal login sessions management
Author:
K. Benedyczak

  • Method Details

    • getCreateSession

      LoginSession getCreateSession(long loggedEntity, AuthenticationRealm realm, String label, String outdatedCredentialId, LoginSession.RememberMeInfo rememberMeInfo, AuthenticationOptionKey firstFactorOptionId, AuthenticationOptionKey secondFactorOptionId, RemoteAuthnMetadata authnContext)
      Tries to find a session for the entity in the given realm. If the session is not found then a new session is established.
      Parameters:
      loggedEntity -
      realm -
      label - used only when a new session is created
      outdatedCredential - used only if a new session is created
      rememberMeInfo - information about remember me steps inactive timeout).
      Returns:

    • createSession

      LoginSession createSession(long loggedEntity, AuthenticationRealm realm, String label, String outdatedCredentialId, LoginSession.RememberMeInfo rememberMeInfo, AuthenticationOptionKey firstFactorOptionId, AuthenticationOptionKey secondFactorOptionId, RemoteAuthnMetadata authnContext)
      Creates new session
      Parameters:
      loggedEntity -
      realm -
      label - used only when a new session is created
      outdatedCredential - used only if a new session is created
      rememberMeInfo - information about remember me steps
      Returns:

    • updateSessionAttributes

      void updateSessionAttributes(String id, SessionManagement.AttributeUpdater updater)
      Updates the extra attributes of the session. Update is done via callback to enable transactional access.

    • updateSessionActivity

      void updateSessionActivity(String id)
      Updates the lastUsed timestamp of a session. The implementation may delay this action if the previous update happened recently.

    • recordAdditionalAuthentication

      void recordAdditionalAuthentication(String id, AuthenticationOptionKey optionId)
      Records additional re-authentication fact to the session

    • removeSession

      void removeSession(String id, boolean soft)
      Removes a given session. Missing session is silently ignored.
      Parameters:
      id -
      soft - if true then only the login data is removed from the HTTP session. Otherwise the whole session is invalidated

    • getSession

      LoginSession getSession(String id)

    • getOwnedSession

      LoginSession getOwnedSession(EntityParam owner, String realm) throws EngineException
      Tries to find a session owned by a given entity in a given realm.
      Throws:
      EngineException

    • addSessionParticipant

      void addSessionParticipant(SessionParticipant... participant)
      Adds given participants to the current login session