All Classes Interface Summary Class Summary Enum Summary Exception Summary Annotation Types Summary
Class |
Description |
AbandonRequest |
The Abandon operation allows a client to request that the server abandon an
uncompleted operation.
|
AbstractAsynchronousConnection |
An abstract connection whose synchronous methods are implemented in terms of
asynchronous methods.
|
AbstractAsynchronousConnection |
An abstract connection whose synchronous methods are implemented in terms of
asynchronous methods.
|
AbstractAttribute |
This class provides a skeletal implementation of the Attribute interface, to minimize the effort required to
implement this interface.
|
AbstractConnection |
This class provides a skeletal implementation of the Connection
interface, to minimize the effort required to implement this interface.
|
AbstractConnectionWrapper<C extends Connection> |
An abstract base class from which connection wrappers may be easily
implemented.
|
AbstractConnectionWrapper<C extends Connection> |
An abstract base class from which connection wrappers may be easily
implemented.
|
AbstractContext |
A base implementation of the Context interface.
|
AbstractDecisionNode |
An abstract node implementation for nodes that result in a simple true-false outcome.
|
AbstractDecisionNode.OutcomeProvider |
Provides a static set of outcomes for decision nodes.
|
AbstractEncryptionHandler |
Deprecated.
|
AbstractEntry |
This class provides a skeletal implementation of the Entry interface, to minimize the effort required to
implement this interface.
|
AbstractExtendedRequest<ER extends ExtendedRequest<S>,S extends ExtendedResult> |
An abstract Extended request which can be used as the basis for implementing new Extended operations.
|
AbstractExtendedResult<S extends ExtendedResult> |
An abstract Extended result which can be used as the basis for implementing
new Extended operations.
|
AbstractExtendedResultDecoder<S extends ExtendedResult> |
This class provides a skeletal implementation of the
ExtendedResultDecoder interface, to minimize the effort required to
implement this interface.
|
AbstractIntermediateResponse<S extends IntermediateResponse> |
An abstract Intermediate response which can be used as the basis for
implementing new Intermediate responses.
|
AbstractJwtBuilder |
A base implementation for all JwtBuilders that provides the basis of the JWT builder methods.
|
AbstractJwtSessionModule<C extends JwtSessionCookie> |
A JASPI Session Module which creates a JWT when securing the response from a successful authentication and sets it
as a Cookie on the response.
|
AbstractKbaStage<C extends AbstractKbaStageConfig<?>> |
Base class for KBA stages.
|
AbstractKbaStageConfig<C extends AbstractKbaStageConfig<C>> |
Defines the common configurations for the KBA stages.
|
AbstractMapEntry<M extends Map<AttributeDescription,Attribute>> |
Abstract implementation for Map based entries.
|
AbstractNodeAmPlugin |
A convenient base class for AmPlugin s that provide authentication nodes.
|
AbstractOrderingMatchingRuleImpl |
This class implements a default ordering matching rule that matches
normalized values in byte order.
|
AbstractRequestHandler |
Deprecated.
|
AbstractRequestVisitor<R,P,E extends Exception> |
|
AbstractRouter<T extends AbstractRouter<T,R,H,D>,R,H,D> |
An abstract base class for implementing routers.
|
AbstractSetCookieHeader |
An abstract SetCookieHeader class for SetCookieHeader and SetCookie2Header .
|
AbstractSynchronousConnection |
An abstract connection whose asynchronous methods are implemented in terms of
synchronous methods.
|
AcceptApiVersionHeader |
Processes the Accept-API-Version message header.
|
AcceptLanguageHeader |
A header class representing the Accept-Language HTTP header.
|
AccessToken |
Models an OAuth2 access token.
|
AccessTokenException |
The exception thrown when creating OAuth2 token using client credential grant type.
|
AccessTokenException |
Represents an exception whilst retrieving an OAuth2 access token.
|
AccessTokenInfo |
|
AccessTokenModifier |
A plugin or (extension point) that allows modification of the OAuth2 access token before the token is
persisted/returned to the client.
|
AccessTokenRequest |
Encapsulates all relevant data necessary to represent a request for a new access token.
|
AccessTokenRequest.Builder |
Access token request builder.
|
AccessTokenRequest.GrantType |
|
AccessTokenResolver |
Resolves a given token against a dedicated OAuth2 Identity Provider (OpenAM, Google, Facebook, ...).
|
AccessTokenResponse |
Encapsulates the minted access token along with its contextual data.
|
AccessTokenResponse.Builder |
Access token response builder.
|
AccessTokenService |
Access token service is responsible for serving up OAuth2 access tokens along with its contextual data, based on the
request having been passed.
|
AccountProvider |
Implementations of this interface provide the means to search for and create users given a map of attributes.
|
Action |
This class is designed for Action element in SAML core
assertion.
|
Action |
The Action element specifies an action on the specified
resource for which permission is sought.
|
Action |
The Action element specifies information about the
action requested in the Request context by listing a
sequence of Attribute elements associated with the
action.
|
Action |
Indicates an CREST action method on an annotated POJO.
|
Action |
Class that represents the Action operation type in API descriptor.
|
Action |
Immutable container for the result of processing a node.
|
Action<E extends Exception> |
An Runnable functional interface which can throw a checked Exception.
|
Action.ActionBuilder |
|
Action.Builder |
Builder class for creating the Action.
|
ActionDecision |
Deprecated.
|
ActionImpl |
The Action element specifies information about the
action requested in the Request context by listing a
sequence of Attribute elements associated with the
action.
|
ActionRequest |
An implementation specific action, or operation, upon a JSON resource.
|
ActionResponse |
Response object for JSON responses.
|
Actions |
Declare an array of Action operations from a single method.
|
AdditionalProperties |
Annotation to define JSON Schema additionalProperties , which is useful when working with key/value
JSON data structures.
|
AddRequest |
The Add operation allows a client to request the addition of an entry into
the Directory.
|
AddressMask |
An address mask can be used to perform efficient comparisons against IP
addresses to determine whether a particular IP address is in a given range.
|
AdminDNAction |
The class is used to perform privileged operations using
java.security.AccessController.doPrivileged()
when using
com.iplanet.am.util.AdminUtils to obtain Administrator DN.
|
AdminPasswordAction |
The class is used to perform privileged operations using
AccessController.doPrivileged()
when using
com.iplanet.am.util.AdminUtils to obtain Administrator
passwords.
|
AdminTokenAction |
Provides a centralised method for fetching an administrator token for operations where there
is no user present.
|
AdminUtils |
This class contains methods to retrieve Top Level Administrator information.
|
AdNotificationRequestControl |
The persistent search request control for Active Directory as defined by
Microsoft.
|
Advice |
The Advice element contains additional information that the
issuer wish to provide.
|
Advice |
The Advice contains any additional information that the
SAML authority wishes to provide.
|
AdviceBase |
The Advice element contains additional information
that the issuer wish to provide.
|
AdviceContext |
A Context containing information which should be returned to the user in some
appropriate form to the user.
|
AdviceWarning |
WarningHeader implements RFC 2616 section 14.46 - Warning.
|
AESKeyWrapEncryptionHandler |
Provides JWE key encapsulation using the AES KeyWrap algorithm.
|
Algorithm |
The interface for each possible algorithm that can be used to sign and/or encrypt a JWT.
|
AMAuthCallBack |
The AMAuthCallBack interface should be implemented by external
business logic code, in order to receive callbacks from the authentication
framework when one of the following events happens :
account lockout
password change (via LDAP module)
|
AMAuthCallBackException |
|
AMIdentity |
This class represents an Identity which needs to be managed by Access
Manager.
|
AMIdentityRepository |
The class AMIdentityRepository represents an object to access
the repositories in which user/role/group and other identity data is
configured.
|
AMLoginModule |
An abstract class which implements JAAS LoginModule, it provides
methods to access OpenAM services and the module
xml configuration.
|
AMPasswordUtil |
This class which contains utilities to encrypt and decrypt attribute value of
password type.
|
AmPlugin |
Define an AM plugin.
|
AMPostAuthProcessInterface |
The AMPostAuthProcessInterface interface needs to
be implemented by services and applications to do post
authentication processing.
|
AnnotatedService<T> |
Describes a service as defined by an annotated interface.
|
AnnotatedServiceRegistry |
A registry for all service configuration that is defined in annotated service interfaces.
|
AnonymousProcessService |
Anonymous process service progresses a chain of ProgressStage
configurations, handling any required client interactions.
|
Answers |
Utility methods for hashing and normalising answers to KBA questions.
|
ApiDescription |
Class that represents the ApiDescription type in API descriptor.
|
ApiDescription.Builder |
Builder for the ApiDescription.
|
ApiDocGenerator |
Generates static AsciiDoc documentation for CREST API Descriptors.
|
ApiDocGeneratorException |
Signals that an error occurred while generating API documentation.
|
ApiError |
Details of an error that could be returned.
|
ApiError |
Class that represents the ApiError type in API descriptor.
|
ApiError.Builder |
Builder for the ApiError.
|
ApiProducer<D> |
A producer of API Descriptions.
|
ApiValidationException |
Signals that API failed validation.
|
ApiVersionRouterContext |
A Context which is created when a request is and has been routed
based on resource API version.
|
AppleClient |
Oauth 2.0 Client Implementation that supports Apple.
|
AppleClientConfiguration |
|
AppleClientConfiguration.Builder |
|
Applications |
Utility methods to work with CHF Applications.
|
Applications |
|
AppRoleTokenStore |
Authenticates to Vault using the AppRole
authentication backend to obtain a token that can be used for further operations.
|
AppSSOTokenProvider |
This interface defines method to get application single sign on token.
|
Artifact |
This class represents the Artifact element in
SAMLv2 protocol schema.
|
ArtifactResolve |
The ArtifactResolve message is used to request that a SAML
protocol message be returned in an ArtifactResponse message
by specifying an artifact that represents the SAML protocol message.
|
ArtifactResponse |
The ArtifactResopnse message has the complex type
ArtifactResponseType .
|
AsciiDoc |
Root builder for AsciiDoc markup.
|
AsciiDocException |
Signals that an error occurred while building AsciiDoc markup.
|
AsciiDocSymbols |
Enumeration of AsciiDoc markup symbols.
|
AsciiDocTable |
AsciiDoc table builder [ ref], which defers insertion
of the table, at the end of the parent document, until AsciiDocTable.tableEnd() is called.
|
AsciiDocTableColumnStyles |
AsciiDoc table column-styles.
|
Asn1 |
This class contains various static factory methods for creating ASN.1 readers
and writers.
|
Asn1Reader |
An interface for decoding ASN.1 elements from a data source.
|
Asn1Tag |
Provides methods for building and analyzing ASN.1 tag bytes.
|
Asn1Tag.Class |
The Asn1 tag classes.
|
Asn1Writer |
An ASN1Writer implementation that outputs to an outputstream.
|
Assertion |
This object stands for Assertion element.
|
Assertion |
The Assertion element is a package of information
that supplies one or more Statement made by an issuer.
|
Assertion |
A compiled attribute value assertion.
|
AssertionBase |
This object stands for Assertion element.An Assertion is a
package of information that supplies one or more Statement made
by an issuer.
|
AssertionFactory |
This is the factory class to obtain instances of the objects defined
in assertion schema.
|
AssertionFailureException |
Thrown when the result code returned in a Result indicates that the Request
failed because the filter contained in an assertion control failed to match
the target entry.
|
AssertionIDRef |
This class represents the AssertionIDRef element.
|
AssertionIDReference |
AssertionIDReference element makes reference to a SAML
assertion.
|
AssertionIDRequest |
This class represents the AssertionIDRequestType complex type.
|
AssertionIDRequestMapper |
This interface AssertonIDRequestMapper is used by asseriton
ID request service to process assertion ID request.
|
AssertionIDRequestUtil |
This class provides methods to send or process
AssertionIDRequest .
|
AssertionRequestControl |
The assertion request control as defined in RFC 4528.
|
AsyncFunction<VIN,VOUT,E extends Exception> |
An asynchronous Function which returns a result at some point in the
future.
|
AsyncServerAuthContext |
An asynchronous interface counterpart for the
ServerAuthContext .
|
AsyncServerAuthModule |
An asynchronous interface counterpart for the
ServerAuthModule .
|
AsyncSessionManager |
A session manager is responsible to create/save a new type of Session .
|
AtomicThrowable |
Atomic container for Throwables including combining and having a terminal state via ExceptionHelper.
|
Attribute |
The Attribute element specifies an attribute of the assertion
subject.
|
Attribute |
The Attribute element identifies an attribute by name and
optionally includes its value(s).
|
Attribute |
The Attribute element specifies information about the
action/subject/resource requested in the Request context by
listing a sequence of Attribute elements associated with
the action.
|
Attribute |
Indicates that a method describes a configuration attribute of an SMS service.
|
Attribute |
An attribute, comprising of an attribute description and zero or more attribute values.
|
AttributeAuthorityMapper |
This interface AttributeAuthorityMapper is used by attribute
authority to process attribute query.
|
AttributeCompressionStrategy |
Responsible for performing a specialised JSON compression based on the
attribute name being stored in the JSON.
|
AttributeDescription |
An attribute description as defined in RFC 4512 section 2.5.
|
AttributeDesignator |
The AttributeDesignator element identifies an attribute
name within an attribute namespace.
|
AttributeFilter |
A configurable factory for filtering the attributes exposed by an entry.
|
AttributeImpl |
The Attribute element specifies information about the
action/subject/resource requested in the Request context by
listing a sequence of Attribute elements associated with
the action.
|
AttributeMapper<T> |
Translates from a source to a map of attributes.
|
AttributeMapper |
Defines the concerns of mapping attributes into SAML2 AttributeStatements.
|
AttributeParser |
A fluent API for parsing attributes as different types of object.
|
AttributeQuery |
This class represents the AttributeQueryType complex type.
|
AttributeQueryUtil |
This class provides methods to send or process AttributeQuery .
|
Attributes |
This class contains methods for creating and manipulating attributes.
|
AttributeSchema |
The class AttributeSchema provides methods to access the
schema of a configuration parameter.
|
AttributeSchema.ListOrder |
This enum ListOrder defines the list orders of schema attributes and provides constants for these list
orders.
|
AttributeSchema.Syntax |
The class Syntax defines the syntax of the schema
attributes and provides static constants for these types.
|
AttributeSchema.Type |
The class Type defines the types of schema attributes and
provides static constants for these types.
|
AttributeSchema.UIType |
The class UIType defines the UI types of schema attributes
and provides static constants for these types.
|
AttributesContext |
An AttributesContext is a mechanism for transferring transient state between components when processing a
single request.
|
AttributeStatement |
The AttributeStatement element supplies a statement by the issuer
that the specified subject is associated with the specified attributes.
|
AttributeStatement |
The AttributeStatement element describes a statement by
the SAML authority asserting that the assertion subject is associated with
the specified attributes.
|
AttributeStatementsProvider |
Defines the concerns of generating the AttributeStatement list to be included in the SAML2 assertion.
|
AttributeType |
This class defines a data structure for storing and interacting with an
attribute type, which contains information about the format of an attribute
and the syntax and matching rules that should be used when interacting with
it.
|
AttributeType.Builder |
A fluent API for incrementally constructing attribute type.
|
AttributeUsage |
This enumeration defines the set of possible attribute usage values that may
apply to an attribute type, as defined in RFC 2252.
|
AudienceRestriction |
The AudienceRestriction specifies that the assertion
is addressed to one or more specific Audience s.
|
AudienceRestrictionCondition |
This is an implementation of the abstract Condition class, which
specifes that the assertion this AuthenticationCondition is part of, is
addressed to one or more specific audience.
|
AuditApi |
Audit API interface for auditing the result of an authentication request.
|
AuditTrail |
Responsible for tracking the auditing of an authentication attempt including auditing each of the modules that
are executed and the overall result of the authentication.
|
AuthComparison |
The available types of authentication context comparison methods.
|
AuthContext |
The AuthContext provides the implementation for
authenticating users.
|
AuthContext.IndexType |
The class IndexType defines the possible kinds of "objects"
or "resources" for which an authentication can be performed.
|
AuthContext.Status |
The class Status defines the possible
authentication states during the login process.
|
AuthContextLocal |
The AuthContextLocal provides the implementation for
authenticating users.
|
AuthContextWithState |
AsyncServerAuthContext implementations should
implement this interface when the AsyncServerAuthContext has its own implementation of
a AuthenticationState that it will be using to store and maintain state for a single
request.
|
AuthenticatedEncryptionCryptographyHandler |
A JwtCryptographyHandler that ensures confidentiality and authenticity of data using authenticated
encryption algorithms.
|
AuthenticationException |
AuthenticationException class is for handling Exception that
is thrown when the user-entered tokens cause the authentication module to
be authenticated to fail.
|
AuthenticationException |
A generic authentication exception which accepts a detail message and/or the cause.
|
AuthenticationException |
Thrown when the result code returned in a Result indicates that the Bind
Request failed due to an authentication failure.
|
AuthenticationFailedException |
An authentication exception which signifies that authentication of the request has failed and an
appropriate unauthorized response should be returned to the client.
|
AuthenticationFilter |
A HTTP Filter that will protect all downstream filters or handlers.
|
AuthenticationFilter.AuthenticationFilterBuilder |
Builder class that configures an Authentication Framework instance.
|
AuthenticationFilter.AuthenticationModuleBuilder |
|
AuthenticationFramework |
An authentication framework for protecting all types of resources.
|
AuthenticationState |
Maintains state information and provides to retrieve values in a type safe manner.
|
AuthenticationStateException |
|
AuthenticationStatement |
The AuthenticationStatement element supplies a
statement by the issuer that its subject was authenticated by a
particular means at a particular time.
|
AuthenticationStatementsProvider |
Defines the concern of providing the AuthnStatement list to be included in the generated SAML2 assertion.
|
AuthLoginException |
This class is for handling message localization in LoginException.
|
AuthnContext |
The AuthnContext element specifies the context of an
authentication event.
|
AuthnQuery |
This class represents the AuthnQueryType complex type.
|
AuthnQueryUtil |
This class provides methods to send or process AuthnQuery .
|
AuthnRequest |
The AuthnRequest interface defines methods for properties
required by an authentication request.
|
AuthnStatement |
The AuthnStatement element describes a statement by the
SAML authority asserting that the assertion subject was authenticated
by a particular means at a particular time.
|
AuthorityBinding |
The AuthorityBinding element may be used to indicate
to a replying party receiving an AuthenticationStatement that
a SAML authority may be available to provide additional information about
the subject of the statement.
|
AuthorityBinding.AuthorityKindType |
The AuthorityKindType is an inner class defining constants for
the representing the type of SAML protocol queries to which the authority
described by this element will respond.
|
AuthorizationAttribute<T> |
Provides a convenience layer on top of AuthorizationContext to simplify access to particular attributes in
the authorisation context.
|
AuthorizationContext |
Context to use for authorization requests.
|
AuthorizationDecisionStatement |
The AuthorizationDecisionStatement element supplies a statement
by the issuer that the request for access by the specified subject to the
specified resource has resulted in the specified decision on the basis of
some optionally specified evidence.
|
AuthorizationDecisionStatementBase |
The AuthorizationDecisionStatement element supplies a statement
by the issuer that the request for access by the specified subject to the
specified resource has resulted in the specified decision on the basis of
some optionally specified evidence.
|
AuthorizationDecisionStatementBase.DecisionType |
The DecisionType is an inner class defining constants for the
type of Decisions than can be conveyed by an
AuthorizationDecisionStatement .
|
AuthorizationException |
Represents an exception whilst performing Authorization.
|
AuthorizationException |
Thrown when the result code returned in a Result indicates that the Request
failed due to an authorization failure.
|
AuthorizationFilters |
This class contains methods for creating FilterChain s to protect resources by performing authorization on
each incoming request.
|
AuthorizationHeader |
A header class representing the Authorization HTTP header.
|
AuthorizationHeader.Factory |
|
AuthorizationIdentityRequestControl |
The authorization request control as defined in RFC 3829.
|
AuthorizationIdentityResponseControl |
The authorization response control as defined in RFC 3829.
|
AuthorizationResult |
Represents the result of the authorization of a request.
|
AuthorizeEndpointDataProvider |
A plugin or (extension point) that allows the OAuth2 provider
to return additional data from an authorization request.
|
Authorizer |
Deprecated. |
AuthPassword |
An authentication password, it has a storage scheme, authentication info and authentication value.
|
AuthStatusUtils |
Utility class providing utility methods for determining the meaning behind each of the different AuthStatus
values.
|
AuthzDecisionStatement |
The AuthzDecisionStatement element describes a statement
by the SAML authority asserting that a request for access by the assertion
subject tot he specified resource has resulted in the specified authorization
decision on the basis of some optionally specified evidence.
|
AuthzDecisionStatementsProvider |
This interface defines the plug-in point for producing AuthzDecisionStatements.
|
Ava |
An attribute value assertion (AVA) as defined in RFC 4512 section 2.3
consists of an attribute description with zero options and an attribute
value.
|
BackpressureHelper |
Utility class to help with backpressure-related operations such as request aggregation.
|
BadRequestException |
An exception that is thrown during a operation on a resource when the
requested operation is malformed.
|
Base64 |
This class provides methods for performing base64 encoding and decoding.
|
Base64 |
Provides RFC 4648 / RFC 2045 compatible Base64 encoding and decoding.
|
Base64url |
Makes use of the Base64 class to encode and decode to and from URL-safe Base64.
|
BaseID |
The BaseID is an extension point that allows
applications to add new kinds of identifiers.
|
BaseIDAbstract |
The BaseIDAbstract is an abstract type usable only as
the base of a derived type.
|
BaseOpenIdResolver |
Implementation of the OpenIdResolver interface.
|
BaseQueryFilterVisitor<R,P,F> |
|
BaseResourceName<T,E extends Exception> |
The interface ResourceName provides
methods to determine the hierarchy of resource names.
|
BaseSecretStoreProvider |
A marker interface for types that provider secret store implementations.
|
BasicCredentials |
A rich representation of basic credentials.
|
BearerToken |
A rich representation of bearer credentials.
|
BiFunction<T,U,R,E extends Exception> |
A BiFunction functional interface which can throw a checked Exception.
|
BigIntegerUtils |
Utils to complement bit operations not covered by the BigInteger functions.
|
BinarySecurityToken |
The class BinarySecurityToken provides interface to parse and
create X.509 Security Token depicted by Web Service Security : X.509
Certificate Token Profile and Liberty ID-WSF Security Mechanisms
specifications.
|
BindRequest |
The Bind operation allows authentication information to be exchanged between the client and server.
|
BindResult |
A Bind result indicates the status of the client's request for
authentication.
|
BlackAndWhitelistFilter |
This class can be used for filtering string elements by using blacklists and/or whitelists.
|
BlobStrategy |
Responsible for defining the interface of the Token Blob Strategy.
|
BloomFilter<E> |
|
BloomFilterMonitor<T> |
Generic Bloom Filter JMX monitoring.
|
BloomFilterMXBean |
Operations for monitoring and management of Bloom Filter implementations.
|
BloomFilters |
Factory methods for creating bloom filters with various requirements.
|
BloomFilters.BloomFilterBuilder<T> |
Builder for constructing and configuring Bloom Filter implementations.
|
BloomFilters.RollingBloomFilterBuilder<T> |
Builder pattern for Rolling Bloom Filters, which are Scalable Bloom Filters whose elements can expire allowing
space to be reclaimed over time.
|
BloomFilters.ScalableBloomFilterBuilder<T> |
Builder pattern for Scalable Bloom Filters.
|
BloomFilterStatistics |
Provides a snapshot of the current statistics and configuration of a Bloom Filter implementation.
|
BranchingInputStream |
An input stream that can branch into separate input streams to perform
divergent reads.
|
Buffer |
A dynamically growing data buffer.
|
ByteSequence |
A ByteSequence is a readable sequence of byte values.
|
ByteSequenceReader |
An interface for iteratively reading data from a ByteSequence .
|
ByteString |
An immutable sequence of bytes backed by a byte array.
|
ByteStringBuilder |
A mutable sequence of bytes backed by a byte array.
|
CachingAccessTokenResolver |
|
CancelExtendedRequest |
The cancel extended request as defined in RFC 3909.
|
CancelledResultException |
Thrown when the result code returned in a Result indicates that the Request
was cancelled.
|
CancelRequestListener |
An object that registers to be notified when a cancellation request has been
received and processing of the request should be aborted if possible.
|
CaptchaStage |
Stage is responsible for captcha based security.
|
CaptchaStageConfig |
Configuration for the captcha stage.
|
CaseInsensitiveMap<V> |
An implementation of a map whose keys are case-insensitive strings.
|
CaseInsensitiveSet |
An implementation of a set whose values are case-insensitive strings.
|
CaveatVerifier |
Generic interface for methods to verify that a caveat is satisfied.
|
CertificateVerificationKey |
A key used for verifying certificate signatures.
|
ChainedPropertyResolver |
Contains a chain of PropertyResolver s that should be used to get a token replacement property.
|
ChangeRecord |
A request to modify the content of the Directory in some way.
|
ChangeRecordReader |
An interface for reading change records from a data source, typically an LDIF
file.
|
ChangeRecordVisitor<R,P,E extends Exception> |
A visitor of ChangeRecord s, in the style of the visitor design pattern.
|
ChangeRecordWriter |
An interface for writing change records to a data source, typically an LDIF
file.
|
ChangeType |
Indicates the type of change which occurred to a token, which can be understood at the CTS (above the data layer)
layer.
|
CharsetDecoderFlowableTransformer |
|
CheckSession |
Interface is to define what needs to be implemented to do the OpenID Connect check session endpoint.
|
ChfHttpClient |
Deprecated.
|
ChfHttpTransport |
Implementation of the Google Cloud API HttpTransport interface using CHF.
|
ChoiceValues |
The abstract class ChoiceValues provides a mechanism for
services to provide choice values for attributes dynamically instead of being
statically defined in the service XML file stored in the directory.
|
ChoiceValues |
|
Claim |
Models an OpenID Connect claim that has been requested in an authorize request.
|
Claim |
Deprecated.
|
Claim.ClaimBuilder |
Builder to keep the Claim immutable.
|
Claim.ClaimBuilder |
Builder to keep the Claim immutable.
|
Claims |
Models OpenID Connect claims that are requested in an authorize request.
|
ClaimsMapper |
Utility class for converting Claims and Claim objects to and from JSON.
|
Client |
An HTTP client which forwards requests to a wrapped Handler .
|
ClientContext |
Client context gives easy access to client-related information that are available into the request.
|
ClientContext.Builder |
Builder for creating ClientContext instances.
|
ClientSecretBasicAuthenticationFilter |
Deprecated.
|
ClientSecretPostAuthenticationFilter |
|
Closeables |
Common utility methods for Closeables.
|
CloseSilentlyAsyncFunction<VIN extends Closeable,VOUT,E extends Exception> |
|
CloseSilentlyFunction<VIN extends Closeable,VOUT,E extends Exception> |
|
CodeGeneratorSource |
|
CoercionFunction |
Coercions that can be applied to a given json value.
|
CollectionProvider |
A marker annotation to indicate that the annotated class should be interpreted as an annotated CREST
collection provider resource.
|
CollectionResourceProvider |
An implementation interface for resource providers which exposes a collection
of resource instances.
|
CommonsApi |
Commons ForgeRock API description.
|
CommonsApi.Errors |
Common api errors.
|
CommonStateFields |
Constants class for defining fields for common state shared across stages.
|
CompareRequest |
The Compare operation allows a client to compare an assertion value with the
values of a particular attribute in a particular entry in the Directory.
|
CompareResult |
An Compare result indicates the final status of an Compare operation.
|
CompressionAlgorithm |
An Enum of the possible compression algorithms that can be applied to the JWE payload plaintext.
|
CompressionHandler |
The interface for CompressionHandlers for all the different compression algorithms.
|
CompressionManager |
A service to get the appropriate CompressionHandler for a specified Compression algorithm.
|
ConcurrencyStrategy |
Strategy that determines how thread-safety of bloom filters should be managed.
|
ConcurrentRollingBloomFilter<T> |
A thread-safe implementation of a Bloom Filter that can expand over time to accommodate arbitrary numbers of
elements, while also allowing old elements to be deleted after they have expired.
|
Condition |
Deprecated. |
Condition |
This is an abstract class which servers as an extension point for new
conditions.
|
Condition |
The Condition serves as an extension point for new
conditions.
|
ConditionAbstract |
The ConditionAbstract is abstract and is thus usable
as the base of a derived class
|
ConditionDecision |
|
ConditionDecision |
Deprecated.
|
ConditionDecision.Builder |
Builder to help construct decisions.
|
ConditionResult |
The result of a tri-state logical expression.
|
Conditions |
This Conditions is a set of Condition .
|
Conditions |
The Conditions defines the SAML constructs that place
constraints on the acceptable use if SAML Assertion s.
|
ConditionsProvider |
Implementations of this interface will be consulted to obtain the Conditions object included in generated SAML2 assertions.
|
ConditionTypeManager |
Deprecated.
|
Config |
Indicates that an interface describes the configuration of an SMS service.
|
Config.Scope |
The types of visibility available for a service.
|
ConfigurationActionEvent |
The ConfigurationActionEvent class represents
Configuration event.
|
ConfigurationException |
An ConfigurationException is thrown when there are
errors related to service configuration operations.
|
ConfigurationInstance |
ConfigurationInstance is the interface that provides the
operations on service configuration.
|
ConfigurationListener |
The interface ConfigurationListener needs to be implemented
by applications in order to receive component data change notifications.
|
ConfigUtil |
Utility methods for config value retrieval.
|
ConflictException |
An exception that is thrown during a operation on a resource when such an
operation would result in a conflict.
|
ConflictingSchemaElementException |
Thrown when addition of a schema element to a schema builder fails because
the OID of the schema element conflicts with an existing schema element and
the caller explicitly requested not to override existing schema elements.
|
Connection |
A client connection to a JSON resource provider over which read and update
requests may be performed.
|
Connection |
A connection with a Directory Server over which read and update operations
may be performed.
|
ConnectionChangeRecordWriter |
A ConnectionChangeRecordWriter is a bridge from Connection s
to ChangeRecordWriter s.
|
ConnectionEntryReader |
A ConnectionEntryReader is a bridge from Connection s to
EntryReader s.
|
ConnectionEntryWriter |
A ConnectionEntryWriter is a bridge from Connection s to
EntryWriter s.
|
ConnectionEventListener |
An object that registers to be notified when a connection is closed by the
application, receives an unsolicited notification, or experiences a fatal
error.
|
ConnectionException |
Deprecated. |
ConnectionException |
Thrown when the result code returned in a Result indicates that the Request
was unsuccessful because of a connection failure.
|
ConnectionFactory |
A connection factory provides an interface for obtaining a connection to a
JSON resource provider.
|
ConnectionFactory |
A connection factory provides an interface for obtaining a connection to a
Directory Server.
|
ConnectionHeader |
Processes the Connection message header.
|
ConnectionPool |
An LDAP client which maintains and re-uses a pool of connections.
|
Connections |
This class contains methods for creating and manipulating LDAP clients and connections.
|
ConnectionSecurity |
Indicates whether LDAP client connections should use SSL or StartTLS.
|
ConsentHeader |
The ConsentHeader class represents Consent element
defined in SOAP binding schema.
|
ConsistentHashMap<P> |
An implementation of "consistent hashing" supporting per-partition weighting.
|
ConstraintViolationException |
Thrown when the result code returned in a Result indicates that the update
Request failed because it would have left the Directory in an inconsistent
state.
|
Consumer<T,E extends Exception> |
A Consumer functional interface which can throw a checked Exception.
|
ContentApiVersionHeader |
Processes the Content-API-Version message header.
|
ContentEncodingHeader |
Processes the Content-Encoding message header.
|
ContentLengthHeader |
Processes the Content-Length message header.
|
ContentTypeHeader |
Processes the Content-Type message header.
|
Context |
Type-safe contextual information associated with the processing of a request in an application.
|
ContextFactory |
This is the factory class to obtain instances of the objects defined
in xacml context schema.
|
ContinuousListener |
An interface for listener to generic changes from a remote source.
|
ContinuousQuery |
Interface for ensuring that continuous queries can be controlled once configured.
|
ContinuousQueryListener<T> |
Interface for an object that listens to changes resulting from a continuous query.
|
ContinuousWatcher<T extends ContinuousListener> |
Interface by which all ContinuousWatchers ensure similar operation.
|
ContinuousWatcherDirectory |
Service for setting up ContinuousWatchers and ContinuousListeners.
|
Control |
Controls provide a mechanism whereby the semantics and arguments of existing
LDAP operations may be extended.
|
ControlDecoder<C extends Control> |
A factory interface for decoding a control as a control of specific type.
|
Controls |
Utility class to resolve controls OID from aliases.
|
Cookie |
This class creates an API which bridges the differences between the Servlet 2.5 and 3.0 Cookie APIs, as the Servlet
2.5 API does not support HttpOnly cookies and provides no methods to create a HttpOnly cookie.
|
Cookie |
An HTTP cookie.
|
Cookie.SameSite |
Indicates the SameSite
value of the cookie.
|
CookieHeader |
Processes the Cookie request message header.
|
CoreSchema |
The OpenDJ SDK core schema contains standard LDAP RFC schema elements.
|
CoreSchemaSupportedLocales |
Provides a map of supported locale tags to OIDs.
|
CoreTokenConfig |
Represents any configuration required for the Core Token Service.
|
CoreTokenConstants |
Responsible for collecting together all constants used in the Core Token Service.
|
CoreTokenException |
Base Core Token Service exception for all sub types.
|
CoreTokenField |
CoreTokenField contains a mapping from the Java enumeration and the defined
attributes present in the LDAP Schema for the Core Token Service.
|
CoreTokenFieldTypes |
Provides the mapping between CoreTokenFields and the type of the value that is associated to
that field.
|
CorrelationHeader |
The CorrelationHeader class represents Correlation
element defined in SOAP binding schema.
|
CorsFilter |
This filters implements the resource processing of the CORS protocol.
|
CorsPolicy |
The CORS policy is responsible to handle both actual and preflight CORS requests
and set the appropriate set of response headers based on its own configuration.
|
CorsPolicy.Builder |
|
CorsPolicyProvider |
|
CountPolicy |
Enum that represents the Query supported count-policy.
|
CountPolicy |
An enum of count policy types.
|
Create |
Indicates an CREST create method on an annotated POJO.
|
Create |
Class that represents the Create Operation type in API descriptor.
|
Create.Builder |
Builder for the Create.
|
CreateMode |
Enum that represents the Create modes.
|
CreateNotSupportedException |
A specific exception for when Create is not supported, but Upsert might be being attempted so distinguish from
other BadRequestException s.
|
CreateRequest |
A request to create a new JSON resource.
|
CreateSingleton |
Types of create that might be singletons.
|
CredentialsParser<C> |
This interface is used to parse the credentials component of an Authorization HTTP header.
|
CrestAnySchema |
An extension to the Jackson AnySchema that includes the custom CREST JSON Schema attributes.
|
CrestApiProducer |
An ApiProducer implementation for CREST resources, that provides ApiDescription descriptors.
|
CrestApplication |
Declare a CREST Application.
|
CrestArraySchema |
An extension to the Jackson ArraySchema that includes the custom CREST JSON Schema attributes.
|
CrestAuthorizationModule |
A CrestAuthorizationModule authorizes client REST requests asynchronously.
|
CrestBooleanSchema |
An extension to the Jackson BooleanSchema that includes the custom CREST JSON Schema attributes.
|
CrestJsonSchemaFactory |
A JsonSchemaFactory that returns the extension schema objects rather than the default Jackson
implementations.
|
CrestObjectSchema |
An extension to the Jackson ObjectSchema that includes the custom CREST JSON Schema attributes.
|
CrestPropertyDetailsSchemaFactoryWrapper |
A SchemaFactoryWrapper that adds the extra CREST schema attributes once the Jackson schema generation has
been completed.
|
CryptoConstants |
Constants for Crypto Algorithms and Json Crypto Json pointer keys.
|
CryptoKey |
Base class for all secrets that are used as keys for cryptographic operations.
|
CryptoService |
Cryptography Service for the user self service project.
|
CsrfFilter |
A generic filter for preventing cross-site request forgery (CSRF) attacks when using cookie-based authentication.
|
CsrfFilter.Builder |
Builder class for the CSRF filter.
|
CTSOptions |
CTSOptions are intended to provide guidance to the CTS as to how it should perform the requested
operation.
|
CTSPersistentStore |
Persistent storage interface for the CTS (Core Token Service) provides callers with a generic way of storing and
retrieving objects.
|
DataDecryptionKey |
A key that is used for decrypting confidential data.
|
DataEncryptionKey |
A key that is used for encrypting confidential data.
|
DataEncryptor |
This class DataEncryptor is used to encrypt the data
with symmetric and asymmetric keys.
|
DataLayerException |
Base Data Layer exception for all sub types.
|
DataStore |
Interface which needs to be implemented to use with OAuthClient implementations.
|
DataStoreException |
Exception to be used when an error has occurred while interacting with the data store.
|
DataStoreProvider |
Interface used for storing & retrieving information.
|
DataStoreProviderException |
This class is to handle DataStoreProvider related exceptions.
|
DataStoreProviderManager |
This is a singleton class used to manage DataStore providers.
|
DateTimeValidator |
|
Debug |
Deprecated.
|
Decision |
The Decision element is a container of
one or more Decision s issued by policy decision point
|
DecisionImpl |
The Decision element is a container of
one or more Decision s issued by policy decision point
|
DecodeAction |
The class is used to perform privileged operations with
AccessController.doPrivileged()
when using
com.iplanet.services.util.Crypt to decode passwords.
|
DecodeException |
Thrown when data from an input source cannot be decoded, perhaps due to the
data being malformed in some way.
|
DecodeOptions |
Decode options allow applications to control how requests and responses are
decoded.
|
Decoder |
Decodes an HTTP message entity input stream.
|
DecryptAction |
The class is used to perform privileged operation with
AccessController.doPrivileged()
when using
com.iplanet.am.util.AMPasswordUtil to decrypt passwords.
|
DecryptionKey<T extends CryptoKey> |
Marker interface for all key types that can be used for decryption.
|
Default |
Annotation to define JSON Schema property's default-value, represented as a String .
|
DefaultingPurpose<S extends Secret> |
A purpose that can fallback to a default secret ID if the first - more specific - secret ID could not be found
in the secrets provider.
|
DefaultSessionPropertyUpgrader |
Default implementation for SessionPropertyUpgrader
This class basically just lets the session upgrade to copy every single
property into the new session.
|
DefaultValues |
The abstract class DefaultValues provides a mechanism for
services to obtain their default values dynamically instead of being
statically defined in the service XML file stored in the directory.
|
DefaultVersionBehaviour |
The default routing behaviour to use when no Accept-API-Version
is set on the request.
|
Definitions |
Class that represents API descriptor Schema definitions.
|
Definitions.Builder |
Builder to help construct the Definitions.
|
DeflateCompressionHandler |
An implementation of the CompressionHandler for DEFLATE Compressed Data Format Specification.
|
DelegatingRouteMatcher<R> |
A route matcher that delegates to a provided route matcher.
|
Delete |
Indicates an CREST delete method on an annotated POJO.
|
Delete |
Class that represents the Delete operation type in API descriptor.
|
Delete.Builder |
Builder for the Delete.
|
DeleteFailedException |
Represents a failure to delete a Token from the Core Token Service.
|
DeleteRequest |
A request to delete a JSON resource.
|
DeleteRequest |
The Delete operation allows a client to request the removal of an entry from
the Directory.
|
DeploymentId |
A deployment ID, together with its password, facilitates the generation of the cryptographic keys required to
protect a deployment, such as a root CA key-pair for SSL/TLS and a master key-pair for protecting symmetric keys
used for data encryption.
|
DeploymentId.DeploymentIdParameters |
The deployment ID information to be displayed by the deployment ID tool.
|
DereferenceAliasesPolicy |
A Search operation alias dereferencing policy as defined in RFC 4511 section
4.5.1.3 is used to indicate whether alias entries (as defined in RFC 4512)
are to be dereferenced during stages of a Search operation.
|
DerUtils |
Utility methods for reading and writing DER-encoded values.
|
Describable<D,R> |
A routing component (a CHF Handler or CREST RequestHandler ) can describe its API
by implementing this interface.
|
Describable.Listener |
Interface for listener instances.
|
DescribableHandler |
A handler that both handles Request s, and also supports querying for API Descriptors.
|
DescribedHttpApplication |
|
DescribedSyncRequestHandlerAdapter |
Version of SynchronousRequestHandlerAdapter that exposes a described handler.
|
Description |
Annotation to define JSON Schema property's description.
|
DirectEncryptionHandler |
Supports direct encryption using a shared symmetric key.
|
Directive |
Represents the name/value pair of a HTTP header directives.
|
DirectoryWatcher |
High-level interface to the WatchService API for detecting filesystem change events.
|
DitContentRule |
This class defines a DIT content rule, which defines the set of allowed,
required, and prohibited attributes for entries with a given structural
objectclass, and also indicates which auxiliary classes may be included in
the entry.
|
DitContentRule.Builder |
A fluent API for incrementally constructing DIT content rule.
|
DitStructureRule |
This class defines a DIT structure rule, which is used to indicate the types
of children that entries may have.
|
DitStructureRule.Builder |
A fluent API for incrementally constructing DIT structure rules.
|
Dn |
A distinguished name (DN) as defined in RFC 4512 section 2.3 is the
concatenation of its relative distinguished name (RDN) and its immediate
superior's DN.
|
DNValidator |
|
DomainValidator |
Validates domain
|
DoNotCacheCondition |
This is an implementation of the abstract Condition class, which
specifes that the assertion this DoNotCacheCondition is part of,
is the new element in SAML 1.1, that allows an assertion party to express
that an assertion should not be cached by the relying party for future use.
|
DriverLoadException |
Deprecated. |
DropwizardMetricsCollectionResourceProvider |
A CREST CollectionResourceProvider that adds queryFilter, field filtering, sorting abilities, and paging
to the dropwizard json metrics data.
|
DSEvent |
|
DuplicateDescriptionException |
An exception that is used when trying to merge multiple descriptors but a duplicate is detected.
|
Duration |
Represents a duration in english.
|
Dynamic |
Marks an attribute as being dynamic.
|
ECDHEncryptionHandler |
Implements Elliptic Curve Diffie-Hellman (ECDH) key agreement in ephemeral-static (ECDH-ES) mode.
|
ECDSASigningHandler |
Deprecated.
|
EcJWK |
This class implements an Elliptical Curve Json Web Key storage and manipulation class.
|
EcJWK.Builder |
EC JWK builder.
|
ECPFactory |
This is the factory class to obtain object instances for concrete elements in
the ecp schema.
|
ECPRelayState |
The ECPRelayState interface defines methods for properties
required by an ECP RelayState.
|
ECPRequest |
The ECPRequest interface defines methods for properties
required by an ECP request.
|
ECPResponse |
The ECPResponse interface defines methods for properties
required by an ECP response.
|
EdDSASigningHandler |
Deprecated.
|
EllipticCurveJwk |
Encapsulates common functionality for JWKs that represent elliptic curve keys: EcJWK and OkpJWK.
|
EmailUsernameConfig |
Configuration for the email based user name retrieval stage.
|
EmailUsernameStage |
Stage is responsible for retrieving the user name.
|
EmailVerificationWhitelist |
Simple whitelisting interface to enforce one-time use for email verification codes.
|
EmptySubscription |
An empty subscription that does nothing other than validates the request amount.
|
EncodeAction |
The class is used to perform privileged operation with
AccessController.doPrivileged()
when using
com.iplanet.services.util.Crypt to encode passwords.
|
EncryptAction |
The class is used to perform privileged operation with
AccessController.doPrivileged()
when using
com.iplanet.am.util.AMPasswordUtil to encrypt passwords.
|
EncryptedAssertion |
The EncryptedAssertion represents an assertion in
encrypted fashion, as defined by the XML Encryption Syntax and
Processing specification [XMLEnc].
|
EncryptedAttribute |
The EncryptedAttribute element represents a SAML attribute
in encrypted fashion.
|
EncryptedElement |
The EncryptedElement carries the content of an unencrypted
identifier in encrypted fasion.
|
EncryptedID |
The EncryptedID carries the content of an unencrypted
identifier in encrypted fashion.
|
EncryptedJwt |
A JWE implementation of the Jwt interface.
|
EncryptedJwtBuilder |
An implementation of a JwtBuilder that can build a JWT and encrypt it, resulting in an EncryptedJwt object.
|
EncryptedOpenIdResolver |
A resolver capable of verifying encrypted ID tokens.
|
EncryptedOpenIdResolverFactory |
|
EncryptedPrivateKeyJwtClientAuthenticationFilter |
|
EncryptedPrivateKeyJwtClientAuthenticationFilter.Builder |
Builder class for creating the Encrypted PrivateKey Jwt ClientAuthentication Filter.
|
EncryptedThenSignedJwt |
An implementation of a JWS with a nested JWE as its payload.
|
EncryptedThenSignedJwtBuilder |
An implementation of a JwtBuilder that can build a JWT and encrypt it and nest it within another signed JWT,
resulting in an SignedEncryptedJwt object.
|
EncryptedThenSignedJwtHeaderBuilder |
An implementation of a JWS Header builder that provides a fluent builder pattern to create JWS headers for
signed encrypted JWTs.
|
EncryptionHandler |
The interface for EncryptionHandlers for all the different encryption algorithms.
|
EncryptionKey<T extends CryptoKey> |
Marker interface for all key types that can be used for encryption.
|
EncryptionManager |
A service to get the appropriate EncryptionHandler for a specified Java Cryptographic encryption algorithm.
|
EncryptionMethod |
An Enum of the possible encryption methods that can be used when encrypting a JWT.
|
EntitlementCondition |
Encapsulates a Strategy to decide if a Privilege applies to a given request.
|
EntitlementException |
Entitlement related exception.
|
EntitlementModule |
Service provider interface for registering custom entitlement conditions and subjects.
|
EntitlementRegistry |
Provides methods for discovering and loading entitlements conditions and subject implementations.
|
EntitlementSubject |
Encapsulates a Strategy to decide if a Privilege applies to a given
Subject .
|
Entity |
Message content.
|
Entries |
This class contains methods for creating and manipulating entries.
|
Entries.DiffStrategy |
Defines the available strategy to compute changes.
|
Entries.NullEntry |
An Entry which implements the null object pattern.
|
Entries.ReplaceStrategy |
Defines the available strategy to generate changes.
|
Entry |
An entry, comprising of a distinguished name and zero or more attributes.
|
EntryChangeNotificationResponseControl |
The entry change notification response control as defined in
draft-ietf-ldapext-psearch.
|
EntryGenerator |
A template driven entry generator, as used by the makeldif tool.
|
EntryNotFoundException |
Thrown when the result code returned in a Result indicates that the Request
failed because the target entry was not found by the Directory Server.
|
EntryReader |
An interface for reading entries from a data source, typically an LDIF file.
|
EntryWriter |
An interface for writing entries to a data source, typically an LDIF file.
|
EnumTitle |
Annotation to provide a title for a given enum value.
|
EnumValueOfHelper<E extends Enum<E>> |
Provides a EnumValueOfHelper.valueOf(String) method as a replacement for the implicitly declared enum function
valueOf(String) , which has the advantage of not throwing exceptions when the name argument
is null or cannot be found in the enum's values.
|
Environment |
The Environment element contains information about the
enviroment of the Request context by listing a
sequence of Attribute elements associated with the
environment.
|
EnvironmentImpl |
The Environment element specifies information about the
environment requested in the Request context by listing a
sequence of Attribute elements associated with the
environment.
|
EnvironmentVariableResolver |
A property accessor that allows access to environment variables.
|
Errors |
Class that represents API descriptor ApiError errors.
|
Errors.Builder |
Builder to help construct the Errors.
|
ETag |
Describes an ETag for a given Token .
|
Evaluator |
The class evaluates entitlement request and provides decisions.
|
EventException |
Exception occurs while setting an event request or when trigering the
"entryChanged()" method after a persistent search results are received from
the Directory Server.
|
EventService |
The EventService is responsible for listening to and dispatching to listening objects
messages returning from persistent searches running in an underlying LDAP implementation.
|
Evidence |
The Evidence element specifies an assertion either by
reference or by value.
|
Evidence |
The Evidence element contains one or more assertions or
assertion references that the SAML authority relied on in issuing the
authorization decision.
|
EvidenceBase |
The Evidence element specifies an assertion either by
reference or by value.
|
Evolving |
This annotation marks AM APIs that are continuing to evolve and so should be expected to change, potentially in
backwards-incompatible ways even in a minor release.
|
EvolvingAll |
This annotation marks AM APIs that are continuing to evolve and so should be expected to change, potentially in
backwards-incompatible ways even in a minor release.
|
Example |
Specify an example value for the JSON schema.
|
ExampleValue |
An annotation to specify an example value for the attribute.
|
ExceptionHandler<E> |
A completion handler for consuming exceptions which occur during the execution of
asynchronous tasks.
|
ExecutorServiceFactory |
Responsible for generating ExecutorService instances which are automatically
wired up to shutdown when the ShutdownListener event triggers.
|
ExpiredTokenException |
An exception generated by a TokenHandler on extraction when the token is expired.
|
ExpiryStrategy<T> |
|
ExtendedRequest<S extends ExtendedResult> |
The Extended operation allows additional operations to be defined for
services not already available in the protocol; for example, to implement an
operation which installs transport layer security (see
StartTlsExtendedRequest ).
|
ExtendedRequestDecoder<R extends ExtendedRequest<S>,S extends ExtendedResult> |
A factory interface for decoding a generic extended request as an extended
request of specific type.
|
ExtendedResult |
A Extended result indicates the status of an Extended operation and any
additional information associated with the Extended operation, including the
optional response name and value.
|
ExtendedResultDecoder<S extends ExtendedResult> |
A factory interface for decoding a generic extended result as an extended
result of specific type.
|
Extensions |
The interface Extensions defines methods for
adding protcol message extension elements.
|
ExternalKeyWrappingStrategy |
A service provider interface for externalizing the strategy used for wrapping individual private/secret keys.
|
ExternalRequestContext |
A representation of the external HTTP request in the current tree authentication context.
|
ExternalRequestContext.Builder |
|
FacebookClient |
OAuth 2.0 Client Implementation that supports Facebook.
|
FacebookClientConfiguration |
Configuration used for Facebook Client Implementation.
|
FacebookClientConfiguration.Builder |
Builder used to create FacebookClientConfiguration instance.
|
Factory<T> |
A factory interface.
|
FailableInputStream |
Wraps an existing InputStream , supporting a failed state that is checked before and after each operation.
|
FailedToLoadJWKException |
Unable to load the JWK/x5u location points.
|
FallbackAuthContext |
|
FallbackJwtCryptographyHandler |
|
FedletAdapter |
The FedletAdapter abstract class provides methods
that could be extended to perform user specific logics during SAMLv2
protocol processing on the Service Provider side.
|
FieldStorageScheme |
This interface defines a field storage scheme.
|
FileBranchingStream |
|
Filter |
Filters the request and/or response of an HTTP exchange.
|
Filter |
An interface for implementing request handler filters.
|
Filter |
A search filter as defined in RFC 4511.
|
Filter.FilterType |
This enumeration defines the set of possible filter types that may be used for search filters.
|
FilterChain |
A chain of filters terminated by a target request handler.
|
FilterCondition |
A condition which controls whether or not a filter will be invoked or not.
|
Filters |
Utility methods for creating common types of filters.
|
Filters |
This class contains methods for creating various kinds of Filter and
FilterCondition s.
|
FlatFileResolver |
A PropertyResolver in which each property is stored in its own file in some directory.
|
FloatValidator |
|
FlowableDecoder |
Decodes an HTTP message entity flow.
|
ForbiddenException |
An exception that is thrown when access to a resource is forbidden during an
operation on an resource.
|
ForgottenPasswordConsoleConfig |
Represents forgotten password console configuration.
|
ForgottenPasswordConsoleConfig.ForgottenPasswordBuilder |
|
ForgottenUsernameConsoleConfig |
Represents forgotten username console configuration.
|
ForgottenUsernameConsoleConfig.ForgottenUsernameBuilder |
|
Form |
Form fields, a case-sensitive multi-string-valued map.
|
Format |
Annotation to mark a JSON Schema property's format field.
|
ForwardedHeader |
A Header representation of the Forwarded HTTP header.
|
ForwardedHeader.Hop |
This class represents a request's hop detail.
|
Function<VIN,VOUT,E extends Exception> |
A synchronous function which returns a result immediately.
|
Functions |
Common Function implementations which may be used when parsing attributes.
|
GeneralizedTime |
An LDAP generalized time as defined in RFC 4517.
|
GenericControl |
A generic control which can be used to represent arbitrary raw request and
response controls.
|
GenericExtendedRequest |
A generic Extended request which should be used for unsupported extended
operations.
|
GenericExtendedResult |
A Generic Extended result indicates the final status of an Generic Extended
operation.
|
GenericHeader |
An undecoded HTTP message header.
|
GenericIntermediateResponse |
A Generic Intermediate response provides a mechanism for communicating
unrecognized or unsupported Intermediate responses to the client.
|
GenericOpenIdResolver<J extends Jwt> |
Validation of Open ID Connect JWTs via verification of their internals (issuer, audience, signature, etc.).
|
GenericSecret |
A generic secret represented as an opaque blob of bytes, such as a password or API key.
|
GetComplete |
This interface contains methods for the GetComplete
Element in the SAMLv2 Protocol Schema.
|
GetEffectiveRightsRequestControl |
A partial implementation of the get effective rights request control as
defined in draft-ietf-ldapext-acl-model.
|
GlobalConfiguration<T> |
|
GoogleKmsAesCipher |
A Cipher implementation using Google KMS symmetric encryption/decryption.
|
GoogleKmsEncryptedPropertyFormat |
|
GoogleKmsKey |
Abstract base class for keys stored in Google KMS.
|
GoogleKmsPrivateKey |
Represents a private key stored in the Google Cloud Platform Key Management Service.
|
GoogleKmsProvider |
Provides implementations of Java Cryptography Architecture primitives that use the Google Cloud Platform Key
Management Service.
|
GoogleKmsRsaCipher |
A cipher implementation for RSA-OAEP based on Google Cloud KMS.
|
GoogleKmsSecretKey |
A symmetric secret key stored in Google KMS.
|
GoogleKmsSecretStore |
A secret store that can provide cryptographic keys based on the Google Cloud Platform Key Management Service.
|
GoogleKmsSecretStore.Builder |
|
GoogleKmsSignature |
Implementation of the Java Signature SPI that delegates signature operations to the Google Cloud Platform Key
Management Service.
|
GoogleKmsSignature.RSAPSS |
Implements generic RSA-PSS signing.
|
GoogleKmsSignature.WithSHA256 |
Implements signing with the SHA-256 message digest.
|
GoogleKmsSignature.WithSHA384 |
Implements signing with the SHA-384 message digest.
|
GoogleKmsSignature.WithSHA512 |
Implements signing with the SHA-512 message digest.
|
GoogleSecretManagerSecretStore |
A secret store that can read secrets directly from Google Secret Manager.
|
GoogleSecretManagerSecretStore.Builder |
|
GoogleSecretManagerSecretStoreProvider |
|
GrantType |
Identifies the OAuth2 Authorization Grant (aka OAuth2 Flow) undertaken to obtain an OAuth2 token.
|
GserParser |
This class implements a parser for strings which are encoded using the
Generic String Encoding Rules (GSER) defined in RFC 3641.
|
Handler |
Details of a handler.
|
Handler |
Asynchronously handles an HTTP Request by producing an associated Response .
|
Handlers |
Utility methods for creating common types of handlers.
|
Header |
An HTTP message header.
|
HeaderFactory<H extends Header> |
Creates instances of Header classes from String representation.
|
Headers |
Message headers, a case-insensitive multiple-value map.
|
HeaderUtil |
Utility class for processing values in HTTP header fields.
|
HealthCheckRestRouteProvider |
A RestRouteProvider that add routes for the AM health check endpoints.
|
HealthGuiceModule |
Guice module for binding together AM health services and endpoints.
|
Hex |
Routines for encoding and decoding binary data in hexadecimal format.
|
HKDFKeyGenerator |
Implements the HKDF key deriviation function to allow a
single input key to be expanded into multiple component keys.
|
HKDFKeyGenerator.HKDFMasterKey |
A secret key designed to be used as the master key for HKDF key generation.
|
HmacSigningHandler |
Deprecated.
|
HsmKeyStoreLoader |
A loader for the KeyStoreSecretStore that knows how to load standard PKCS#11 Hardware Security Module
(HSM) providers on our supported platforms.
|
HttpApplication |
Configuration class to configure the HttpApplication instance.
|
HttpApplicationException |
An exception that is thrown during a Http Application start up when the start up of the application fails.
|
HttpCallback |
HttpCallback class implements Callback
and is used by the authentication module with HTTP protocol based
handshaking negotiation.
|
HttpCallbackHandler |
Callback handler for the JASPI runtime.
|
HttpClient |
An SPI interface for HTTP Client implementations.
|
HttpClientHandler |
An HTTP client for sending requests to remote servers.
|
HttpClientHandler.HostnameVerifier |
SSL host name verification policies.
|
HttpClientHandler.ProxyInfo |
Encapsulates the details of the proxy if one is required when making outgoing requests.
|
HttpClientProvider |
A provider interface for obtaining HttpClient instances.
|
HttpClientRequest |
Models the request that a script can send over a HttpClient .
|
HttpClientRequestCookie |
|
HttpClientRequestFactory |
Factory provided to hide implementation details from the scripting module.
|
HttpClientResponse |
|
I18n |
The I18n class provides methods for applications and services
to internationalize their messages.
|
I18nKey |
Annotate the choice value enum constant for an Attribute with a i18nKey value property.
|
IAuthorizer |
Deprecated. |
Id |
Indicates that a method returns the identifier of a configuration set of a multiple-configuration SMS service.
|
IdConstants |
|
IdentifierQueryResourceHandler |
|
Identity |
Models an identity within AM.
|
IdentityConfiguration<T> |
This interface identifies the ServiceComponentConfig as containing configuration that is applied
to an identity.
|
IdEventListener |
Represents the event listener interface that consumers of this API should
implement and register with the AMIdentityRepository to receive
notifications.
|
IdGenerator |
Defines the contract to generate global unique identifiers.
|
IdGenerator.SequenceUuidIdGenerator |
Default implementation of the IdGenerator that will output some ids based on the following pattern :
<uuid> + '-' + an incrementing sequence .
|
IdOperation |
The class IdOperation defines the types of operations
supported on managed identities, and provides static constants for these
operation.
|
IDPAccountMapper |
The interface IDPAccountMapper is used to map the local identities to the SAML protocol
objects and also the vice versa for some of the protocols for e.g.
|
IDPAccountMapper |
The interface IDPAccountMapper is used to map the
local identities to the SAML protocol objects and
also the vice versa for some of the protocols for e.g.
|
IdpAdapterScriptHelper |
Provides helper functions for IDP Adapter Script Implementations.
|
IDPAttributeMapper |
This interface IDPAttributeMapper is used to map the
authenticated user configured attributes to SAML Attribute s
so that the SAML framework may insert these attribute information as SAML
AttributeStatement s in SAML Assertion .
|
IDPAttributeMapper |
This interface IDPAttributeMapper is used to map the
authenticated user configured attributes to SAML Attribute s
so that the SAML framework may insert these attribute information as SAML
AttributeStatement s in SAML Assertion .
|
IdpAttributeMapperScriptHelper |
This class exposes methods that are only intended to be used by IDP Attribute Mapper script types.
|
IDPAuthenticationMethodMapper |
The interface IDPAuthenticationMethodMapper creates an
IDPAuthenticationTypeInfo based on the RequestAuthnContext from
the AuthnRequest sent by a Service Provider and the AuthnContext
configuration at the IDP entity config.
|
IDPAuthenticationTypeInfo |
The class IDPAuthenticationTypeInfo consists of the mapping
between AuthenticationType and the actual
authentication mechanism at the Identity Provider.
|
IDPAuthnContextInfo |
The class IDPAuthnContextInfo consists of the mapping
between AuthnContextClassRef and the actual
authentication mechanism at the Identity Provider.
|
IDPAuthnContextMapper |
The interface IDPAuthnContextMapper creates an
IDPAuthnContextInfo based on the RequestAuthnContext from
the AuthnRequest sent by a Service Provider and the AuthnContext
configuration at the IDP entity config.
|
IDPECPSessionMapper |
This interface IDPECPSessionMapper is used to find a valid
session from HTTP servlet request on IDP with ECP profile.
|
IDPEntry |
This interface defines methods to set/retrieve single identity provider
information trusted by the request issuer to authenticate the presenter.
|
IDPList |
This interface specifies the identity providers trusted by the requester
to authenticate the presenter.
|
IdRepo |
This interface defines the methods which need to be implemented by plugins.
|
IdRepoConfig |
Indicates that an interface describes the configuration of an Identity Repository.
|
IdRepoDuplicateObjectException |
An exception type thrown when an IdRepo is asked to
create an object with a name that is already used.
|
IdRepoException |
The exception class whose instance is thrown if there is any error during the
operation of objects of the com.sun.identity.sms package.
|
IdRepoFatalException |
The exception class whose instance is thrown if there is any error during the
operation of objects of the com.sun.identity.sms package.
|
IdRepoListener |
Provides methods that can be called by IdRepo plugins to notify change
events.
|
IdRepoUnsupportedOpException |
The exception class whose instance is thrown if there is any error during the
operation of objects of the com.sun.identity.sms package.
|
IdSearchControl |
This is a helper class which is used in the AMIdentityRepository
search method.
|
IdSearchOpModifier |
This is a helper class which can be in conjunction with the
IdSearchControl class to make simple modifications to the
basic search performed by each plugin.
|
IdSearchResults |
This class IdSearchResults provides to obtain the search
results.
|
IDSEventListener |
The purpose of this interface is to allow classes that implement this
interface to listen to Directory Server Events.
|
IdType |
The class IdType defines the types of supported identities,
and provides static constants for these identities.
|
IdUtils |
The class defines some static utilities used by other components like policy
and auth
|
IFSConstants |
Deprecated. |
IllegalStageTagException |
Exception that represents an unknown stage tag.
|
IncomparableRouteMatchException |
An exception which is thrown when two incompatible RouteMatch
instances are attempted to be compared.
|
Indexed<T> |
Interface of an object that can be indexed with a unique key.
|
Indexer |
This class is registered with a Backend and it provides callbacks
for indexing attribute values.
|
IndexingOptions |
Contains options indicating how indexing must be performed.
|
IndexQueryFactory<T> |
A factory for creating arbitrarily complex index queries.
|
IntDate |
This class provides utility methods for converting Java Date objects into and from IntDates.
|
IntermediateResponse |
An Intermediate response provides a general mechanism for defining
single-request/multiple-response operations.
|
IntermediateResponseHandler |
A completion handler for consuming intermediate responses returned from
extended operations, or other operations for which an appropriate control was
sent.
|
InternalServerErrorException |
An exception that is thrown during an operation on a resource when the server
encountered an unexpected condition which prevented it from fulfilling the
request.
|
IntrospectableToken |
An OAuth 2.0 token abstraction for introspection.
|
InvalidAttributeNameException |
The InvalidAttributeNameException is thrown to indicate that
an invalid attribute name was used.
|
InvalidAttributeValueException |
|
InvalidAudException |
Invalid audience.
|
InvalidFormatException |
Exception thrown if a name of an object such as policy, rule or
referral has invalid format
|
InvalidIssException |
Invalid issuer.
|
InvalidJwtException |
Represents an exception that occurs when a JWT is determined as invalid.
|
InvalidJWTException |
Invalid JWT.
|
InvalidNameException |
Exception thrown if a name of an object such as policy, rule or
referral is invalid
|
InvalidOAuthClientException |
Client authentication failed (e.g., unknown client, no client
authentication included, or unsupported authentication method).
|
InvalidOAuthRequestException |
Exception to be used when an OAuth Request cannot be handled due to known causes.
|
InvalidPasswordException |
Exception that is thrown when the user-entered password token causes the
authentication module to be authenticated to fail.
|
InvalidRequest |
Represents a request which has been received and decoded but but is invalid according to the LDAP standard because of
an invalid DN syntax or an invalid attribute syntax.
|
InvalidRequestException |
Thrown when the request is missing any required parameters or is otherwise malformed.
|
InvalidSignatureException |
Invalid signature.
|
InvalidTokenException |
An exception generated by a TokenHandler on validation or extraction when the token is invalid.
|
IO |
Utility class that can stream to and from streams.
|
IotAuthenticationNode |
This node handles the authentication of things.
|
IotAuthenticationNode.AuthenticationOutcomeProvider |
Defines the possible outcomes from this node.
|
IotAuthenticationNode.Config |
Configuration for the node.
|
IotAuthenticationNode.JwtAuthenticationMethod |
The JWT authentication method used to verify the JWT presented for authentication.
|
IotGuiceModule |
The IotGuiceModule handles all the Guice dependency injections to allow the plugin to be operational within AM.
|
IotPlugin |
Installs the IoT authentication nodes and services.
|
IotRegistrationNode |
This node handles the registration of things.
|
IotRegistrationNode.Config |
Configuration for the node.
|
IotRegistrationNode.JwtRegistrationMethod |
The JWT registration method used to verify the JWT presented for registration.
|
IotRegistrationNode.RegistrationOutcomeProvider |
Defines the possible outcomes from this node.
|
IotRestRouteProvider |
IotRestRouteProvider adds the IoT routes to the CREST router.
|
IotSecretIdProvider |
This provider exposes the secret IDs used by the IoT component to the
SecretIdRegistry .
|
IotServiceConfig |
Service interface for configuring the IoT Service.
|
IotServiceConfig.RealmConfig |
Realm config interface holding the config for the IoT service attributes.
|
ISSecurityPermission |
This class ISSecurityPermission is used to protect the Access
Manager resources which should be accessed only by trusted application.
|
Issuer |
The Issuer provides information about the issuer of
a SAML assertion or protocol message.
|
Items |
Class that represents the Items type in API descriptor.
|
Items.Builder |
Builder to help construct the Items .
|
IVerifierOutput |
Deprecated. |
JacksonUtils |
Some utilities for dealing with Jackson schemas.
|
JaspiAdapters |
Adapter class implementing methods that adapt to and from JASPI interfaces to be able to
inter-op with pure JASPI implementations.
|
JavaBeanAdapter<T> |
A TokenAdapter that can adapt Java bean-compliant POJOs that have been annotated with the annotations in
org.forgerock.openam.tokens.
|
JavaBeanAdapterFactory |
|
JoseSecretConstraints |
|
Json |
Provides read and write JSON capabilities.
|
Json.JsonValueModule |
Jackson Module that uses a mixin to make sure that a JsonValue instance is
serialized using its #getObject() value only.
|
Json.LocalizableStringModule |
|
JsonCaveatSet |
|
JsonCaveatVerifier |
Implements caveats that are structured as JSON objects.
|
JsonCryptoException |
An exception that is thrown during JSON cryptographic operations.
|
JsonException |
An exception that is thrown during JSON operations.
|
JsonPatch |
Processes partial modifications to JSON values.
|
JsonPatchValueTransformer |
RFC6902 expects the patch value to be a predetermined, static value to be used in the
patch operation's execution.
|
JsonPointer |
Identifies a specific value within a JSON structure.
|
JSONSerialisation |
Responsible for serialising and deserialising objects to and from JSON.
|
JsonValue |
Represents a value in a JSON object model structure.
|
JsonValueException |
An exception that is thrown during JSON value operations.
|
JsonValueFilterVisitor |
A QueryFilterVisitor that returns true if the provide JsonValue meets the criteria of
the QueryFilter assertions and false if it does not.
|
JsonValueFunctions |
This class contains the utility functions to convert a JsonValue to another type.
|
JsonValueFunctions |
This class contains the utility functions to convert a JsonValue to CREST (json-resource) types.
|
JsonValuePropertyEvaluator |
A utility that traverses a JsonValue and does property substitution as well as type coercion.
|
JsonValuePropertyEvaluator.CoercionFunctionSpec |
The specification for a coercion function.
|
JsonValuePropertyEvaluator.CoercionFunctionSpecBuilder |
|
JsonValueResolver |
A configuration property resolver that uses a JsonValue to resolve properties.
|
JsonValueTraverseFunction |
An implementation of Function that recursively traverses the JsonValue and applies some
transformation if needed.
|
JweAlgorithm |
An Enum of the possible encryption algorithms that can be used to encrypt a JWT.
|
JweAlgorithmType |
An Enum of the possible types of JWE algorithms that can be used to encrypt a JWT.
|
JweCompressionException |
Represents an exception for when compression/decompression of the plaintext fails.
|
JweDecryptionCheckedException |
|
JweDecryptionException |
Represents an exception for when decryption of the JWE fails.
|
JweEncryption |
This class represents the result from the encryption process of the JWT plaintext.
|
JweEncryptionException |
Represents an exception for when encryption of the JWE fails.
|
JweException |
Represents a generic exception for JWE operations.
|
JweHeader |
An implementation for the JWE Header parameters.
|
JweHeaderBuilder<B extends EncryptedJwtBuilder> |
An implementation of a JWE Header builder that provides a fluent builder pattern to create JWE headers.
|
JweHeaderKey |
An Enum for the additional JWE Header parameter names.
|
JWK |
The abstract base class for the 3 implementations of JWK.
|
JWK.Builder<B extends JWK.Builder> |
JWK builder.
|
JwkKeyFormat |
Exports keys in JSON Web Key (JWK) format.
|
JWKLookup |
Helper class to look up and return the keys from specific JWK implementation
algorithm types.
|
JWKOpenIdResolverImpl |
This class exists to allow Open Id Providers to supply or promote a JWK exposure point for
their public keys.
|
JWKSet |
Holds a Set of JWKs.
|
JWKSetParser |
Provides methods to gather a JWKSet from a URL and return
a map of key ids to keys as dictated by that JWKS.
|
JwkSetSecretStore |
A secret store that loads cryptographic keys from a local or remote JWKSet .
|
JwksStore |
Store JWKs into a jwkSet from a JWKs_URI and refresh the jwkSet when necessary.
|
JwksStoreService |
Manage the jwks store, to avoid having more than one jwks store for the same JWKs_URI unnecessary.
|
JWObject |
A base implementation class for a JSON Web object.
|
JwsAlgorithm |
An Enum of the possible signing algorithms that can be used to sign a JWT.
|
JwsAlgorithmType |
An Enum of the possible types of JWS algorithms that can be used to sign a JWT.
|
JwsException |
Represents a generic exception for JWS operations.
|
JwsHeader |
An implementation for the JWS Header parameters.
|
JwsHeaderBuilder |
An implementation of a JWS Header builder that provides a fluent builder pattern to create JWS headers.
|
JwsHeaderKey |
An Enum for the JWS Header parameter names.
|
JwsSigningException |
Represents an exception for when signing of the JWS fails.
|
JwsVerifyingException |
Represents an exception for when verification of the JWS signature fails.
|
Jwt |
The interface for all types of JSON Web Tokens (JWTs).
|
JwtAuthenticationTokenStore |
A secret store that authenticates to Vault using a JWT.
|
JwtBuilder |
The base interface for all JwtBuilders for each type of JWT (plaintext, signed or encrypted).
|
JwtBuilderException |
Represents an exception that occurs when creating/rebuilding JWTs.
|
JwtBuilderFactory |
A factory for getting builders for plaintext, signed and encrypted JWTs and reconstructing JWT strings back into
their relevant JWT objects.
|
JwtClaimsSet |
An implementation that holds a JWT's Claims Set.
|
JwtClaimsSetBuilder |
An implementation of a JWT Claims Set builder that provides a fluent builder pattern to creating JWT Claims Sets.
|
JwtClaimsSetKey |
An Enum for the JWT Claims Set names.
|
JwtCryptographyHandler |
An abstraction of the cryptographic operations that the JWT session modules will need to do to create a read JWTs.
|
JwtExpiredException |
Expired JWT.
|
JwtHeader |
A base implementation class for JWT Headers.
|
JwtHeaderBuilder<T extends JwtBuilder,B extends JwtHeaderBuilder<T,B>> |
A base implementation of a JWT header builder that provides a fluent builder pattern to creating JWT headers.
|
JwtHeaderKey |
An Enum for the JWT Header parameter names.
|
JwtReconstruction |
|
JwtReconstructionException |
Represents an exception that occurs when reconstructing JWTs.
|
JwtRequestParameterOption |
Enum denoting how the request parameter jwt would to be sent to the OIDC provider.
|
JwtRuntimeException |
Represents a generic exception for JWT operations.
|
JwtSecureHeader |
A base implementation for the common security header parameters shared by the JWS and JWE headers.
|
JwtSecureHeaderBuilder<T extends JwtBuilder,B extends JwtSecureHeaderBuilder<T,B>> |
A base implementation of a JWT header builder, for the common security header parameters shared by the JWS and JWE
headers, that provides a fluent builder pattern to creating JWT headers.
|
JwtSessionCookie |
Abstraction of a cookie to allow for the CHF Cookie
and the Http Cookie .
|
JwtSessionModule |
A JASPI CHF Session Module which creates a JWT when securing the response from a successful authentication
and sets it as a Cookie on the response.
|
JwtTokenHandler |
Deprecated.
|
JwtTokenHandlerConfig |
Configuration for a JwtTokenHandler.
|
JwtType |
An Enum for the possible types of JWTs.
|
KbaConfig |
Represents a single KBA question in various Locales.
|
KeyAgreementKey |
A key that is used in a key-agreement protocol (such as Diffie-Hellman) to agree another key.
|
KeyDecryptionKey |
A key that is used to decrypt (or "unwrap") other keys that have been encrypted with a KeyEncryptionKey .
|
KeyEncryptionKey |
A key that is used to encrypt ("wrap") other keys.
|
KeyFormat<T> |
A format that can be used for exporting key material.
|
KeyFormatPem |
Exports a key in the PEM (Privacy Enhanced Mail) format.
|
KeyFormatRaw |
Exports the raw key.
|
KeyInfoConfirmationData |
The KeyInfoConfirmationData constrains a
SubjectConfirmationData element to contain one or more
ds:KeyInfo elements that identify cryptographic keys that are
used in some way to authenticate an attesting entity.
|
KeyManagers |
This class contains methods for creating common types of key manager.
|
KeyOperation |
Represents the Possible key operations values.
|
KeyProvider |
The class KeyProvider is an interface
that is implemented to retrieve X509Certificates and Private Keys from
user data store.
|
KeyStoreBasedSecretStoreProvider |
|
KeyStoreBuilder |
Builder class for loading key stores.
|
KeyStoreJwtCryptographyHandler |
Deprecated.
|
KeyStoreKeyIdProvider |
This interface allows customization of the key ID values associated with public keys stored in
KeyStoreSecretStore s.
|
KeyStoreManager |
A class that manages a Java Key Store and has methods for extracting out public/private keys and certificates.
|
KeystoreManagerException |
Represents an exception from an operation using the KeyStoreManager class.
|
KeyStoreObjectCache |
A service provider interface for implementing key store caches.
|
KeyStoreParameters |
The parameters which configure how the LDAP key store will be accessed.
|
KeyStoreSecretStore |
A secret store for cryptographic keys based on a standard Java KeyStore .
|
KeyStoreSecretStore.AliasSpec |
Specifies an alias with its validity for use in the store.
|
KeyStoreSecretStore.StableIdProvider |
An interface to allow the consuming application to provide the stable ID for the secret.
|
KeyStoreType |
Deprecated.
|
KeyType |
Enum representing the possible KeyTypes.
|
KeyType |
Indicates the type of key.
|
KeyUsage |
Indicates the allowed usages for a particular key.
|
KeyUseConstants |
Represents the supported KeyUse values.
|
LambdaExceptionUtils |
Utility methods for interacting with lambdas that throw exceptions.
|
LazyList<E> |
A list with lazy initialization.
|
LazyMap<K,V> |
A map with lazy initialization.
|
LazySupplier<T,E extends Exception> |
A Supplier that lazily computes a value the first time it is accessed and then caches the result to return
on subsequent requests.
|
Ldap |
This class contains various static utility methods encoding and decoding LDAP
protocol elements.
|
LdapClient |
An LDAP client provides an interface for obtaining a connection to a Directory Server.
|
LdapClients |
This class contains methods for creating and manipulating LDAP clients and connections.
|
LdapClientSocket |
A connection with a Directory Server over which read and update operations may be performed.
|
LdapConnectionFactory |
A factory class which can be used to obtain connections to an LDAP Directory Server.
|
LdapException |
Thrown when the result code returned in a Result indicates that the Request
was unsuccessful.
|
LdapMessage |
Encapsulates a ProtocolOp with LDAP specific message information.
|
LdapPromise<S> |
A handle which can be used to retrieve the Result of an asynchronous Request.
|
LdapReader |
Reads LDAP messages from an underlying ASN.1 reader.
|
LdapResultHandler<S> |
A completion handler for consuming the result of an asynchronous operation or
connection attempts.
|
LdapServer |
An LDAP server connection listener which waits for LDAP connection requests to come in over the network and binds
them to a server connection created using the provided server connection factory.
|
LdapSession |
Server side representation of a connected LDAP client.
|
LdapSocket |
A reactive socket implementation representing a stream of LDAP messages.
|
LdapUrl |
An LDAP URL as defined in RFC 4516.
|
LDAPUtils |
Utility methods to help interaction with the OpenDJ LDAP SDK.
|
LDAPUtils.CachedPoolOptions |
A model object that contains the settings used for cached connection pools.
|
LDAPUtils.FailoverLdapClient |
Simple failover Ldap Client.
|
LdapWriter |
Writes LDAP messages to an underlying ASN.1 writer.
|
Ldif |
This class contains common utility methods for creating and manipulating
readers and writers.
|
LdifChangeRecordReader |
An LDIF change record reader reads change records using the LDAP Data
Interchange Format (LDIF) from a user defined source.
|
LdifChangeRecordWriter |
An LDIF change record writer writes change records using the LDAP Data
Interchange Format (LDIF) to a user defined destination.
|
LdifEntryReader |
An LDIF entry reader reads attribute value records (entries) using the LDAP
Data Interchange Format (LDIF) from a user defined source.
|
LdifEntryWriter |
An LDIF entry writer writes attribute value records (entries) using the LDAP
Data Interchange Format (LDIF) to a user defined destination.
|
LimitExceededException |
Exception thrown if any configured limit is exceeded
|
LinkedAttribute |
An implementation of the Attribute interface with predictable iteration order.
|
LinkedHashMapEntry |
An implementation of the Entry interface which uses a LinkedHashMap for storing attributes.
|
LinkedInClient |
Oauth 2.0 Client Implementation that supports LinkedIn.
|
LinkedInClientConfiguration |
|
LinkedInClientConfiguration.Builder |
|
ListDecorator<E> |
Wraps another map.
|
ListenableConfig |
Annotated configuration classes implementing this interface will be able to have listeners
registered to be invoked on configuration changes.
|
Listener |
Builder responsible for providing fluent-like functions for building up
Action instances which will respond to changes in Service configuration.
|
Listener.Action |
A generic listener which will respond to a configuration or schema change event.
|
Listener.ConfigType |
|
Listener.ServiceListenerEvent |
Represents an event provided to a service listener.
|
ListMultimap<K,V> |
Deprecated.
|
Lists |
Provides helper methods for List .
|
LivenessCheck |
This interface defines the contract for checking whether an AM service or component is alive and able to function
independent of the state of any 3rd party dependencies or whether the service or component has fallen over to the
point of being beyond recovery.
|
LivenessCheckEndpoint |
CHF endpoint that reports AMs liveness, pertaining to the characteristics laid out in the Kubernetes documentation
for the liveness probe.
|
LoadBalancerEventListener |
An object that registers to be notified when an LDAP client associated
with a load-balancer changes state from offline to online or vice-versa.
|
Loader |
An SPI interface for implementing alternative service loading strategies.
|
Loader |
Provides methods for dynamically loading classes.
|
Locale |
This class Locale.java is a utility that provides
functionality for applications and services to internationalize their
messages.
|
LocaleUtils |
Utility class for Locales.
|
LocalizableException |
A mix-in interface which can be used to identify exceptions which support
localization.
|
LocalizableMessage |
A localizable message whose String representation can be retrieved in
one or more locales.
|
LocalizableMessageBuilder |
A mutable sequence of localizable messages and their parameters.
|
LocalizableMessageDescriptor |
An opaque handle to a localizable message.
|
LocalizableMessageDescriptor.Arg0 |
Subclass for creating messages with no arguments.
|
LocalizableMessageDescriptor.Arg1<T1> |
Subclass for creating messages with one argument.
|
LocalizableMessageDescriptor.Arg2<T1,T2> |
Subclass for creating messages with two arguments.
|
LocalizableMessageDescriptor.Arg3<T1,T2,T3> |
Subclass for creating messages with three arguments.
|
LocalizableMessageDescriptor.Arg4<T1,T2,T3,T4> |
Subclass for creating messages with four arguments.
|
LocalizableMessageDescriptor.Arg5<T1,T2,T3,T4,T5> |
Subclass for creating messages with five arguments.
|
LocalizableMessageDescriptor.Arg6<T1,T2,T3,T4,T5,T6> |
Subclass for creating messages with six arguments.
|
LocalizableMessageDescriptor.Arg7<T1,T2,T3,T4,T5,T6,T7> |
Subclass for creating messages with seven arguments.
|
LocalizableMessageDescriptor.Arg8<T1,T2,T3,T4,T5,T6,T7,T8> |
Subclass for creating messages with eight arguments.
|
LocalizableMessageDescriptor.Arg9<T1,T2,T3,T4,T5,T6,T7,T8,T9> |
Subclass for creating messages with nine arguments.
|
LocalizableMessageDescriptor.ArgN |
Subclass for creating messages with an any number of arguments.
|
LocalizableOperation |
Localizable Operation .
|
LocalizableRefProperty |
Localizable RefProperty .
|
LocalizableString |
Represents a String which could be localizable.
|
LocalizableTag |
Localizable Tag .
|
LocalizedIllegalArgumentException |
Thrown to indicate that a method has been passed an illegal or inappropriate argument.
|
LocalizedKeyStoreException |
|
LocalizedLogger |
A logger implementation which formats and localizes messages before
forwarding them to an underlying SLF4J Logger .
|
LocalizedLoggerFactory |
A factory of LocalizedLogger instances which obtains a SLF4J
Logger by calling the appropriate LoggerFactory method and
wrapping it in an instance of LocalizedLogger .
|
LocalizedMarker |
An implementation of SLF4J marker that contains a LocalizableMessage
and does not allow to manage references to other markers.
|
LocationHeader |
Processes the Location message header.
|
LockedSecretStoreProvider |
|
LogConstants |
Deprecated. |
LogException |
Deprecated. |
LogException |
Deprecated. |
Logger |
Deprecated. |
Logger |
Deprecated. |
LogManager |
Deprecated. |
LogoutRequest |
This class represents the LogoutRequest element in
SAML protocol schema.
|
LogoutResponse |
This class represents the LogoutResponse element in
SAML protocol schema.
|
LogQuery |
Deprecated. |
LogReader |
Deprecated. |
LogRecord |
Deprecated. |
Logs |
Helper class for logging securely sensitive values.
|
Macaroon |
A macaroon is a cryptographically protected token which can be attenuated by appending caveats.
|
Macaroon.Caveat |
Represents a caveat on a macaroon.
|
MacaroonEncodingException |
|
MacaroonToken<T extends IntrospectableToken> |
An OAuth2 access or refresh token that is represented as a Macaroon .
|
MacaroonVerifier |
A macaroon verifier is used to verify the caveats on a Macaroon .
|
MacaroonVerifierResult |
Indicates whether a macaroon was successfully verified or not.
|
MailAddressValidator |
Validates mail address This class is constructed using default(noarguments)
constructor and mail address is passed to validate function with optional
rules The passed mail address is validated for authenticity and boolean value
is returned accordingly.
|
MailServer |
Pluggable interface for all email sending in OpenAM.
|
MalformedHeaderException |
Thrown when a header string cannot be parsed to a rich Header implementation.
|
ManageDsaItRequestControl |
The ManageDsaIT request control as defined in RFC 3296.
|
ManageNameIDRequest |
This class represents the ManageNameIDRequestType complex type.
|
ManageNameIDResponse |
This class represents the ManageNameIDResponse element declaration.
|
MapDecorator<K,V> |
Wraps another map.
|
MapFilterVisitor<F> |
|
MapKeyStoreParameters |
Configures a keystore based on a key/value map.
|
MatchedValuesRequestControl |
The matched values request control as defined in RFC 3876.
|
Matcher |
A compiled search Filter which may be used for matching against entries.
|
Matcher.MatcherType |
The types of compiled matcher.
|
MatchingRule |
This class defines a data structure for storing and interacting with matching
rules, which are used by servers to compare attribute values against
assertion values when performing Search and Compare operations.
|
MatchingRule.Builder |
A fluent API for incrementally constructing matching rules.
|
MatchingRule.MatchingRuleType |
Represents the types of matching rules, according to RFC 4517 section 4.1.
|
MatchingRuleImpl |
This interface defines the set of methods that must be implemented to define
a new matching rule.
|
MatchingRuleUse |
This class defines a data structure for storing and interacting with a
matching rule use definition, which may be used to restrict the set of
attribute types that may be used for a given matching rule.
|
MatchingRuleUse.Builder |
A fluent API for incrementally constructing matching rule uses.
|
MdcAwareAction |
An implementation of Action that will preserve the SLF4J MDC .
|
MdcAwareConsumer<T> |
An implementation of Consumer that will preserve the SLF4J MDC.
|
MdcAwareSubscriber<T> |
An implementation of Subscriber that will preserve the SLF4J MDC .
|
MdcExecutorServiceDelegate |
|
MdcScheduledExecutorServiceDelegate |
|
MemoryBackend |
A simple in-memory collection resource provider which uses a Map to
store resources.
|
MemoryBackend |
A simple in-memory back-end which can be used for testing.
|
Message |
The Message class is used by web service client and server to
construct request or response.
|
Message<M extends Message<M>> |
Elements common to requests and responses.
|
MessageContext |
The authentication framework uses this MessageContext to pass messages and message
processing state to authentication contexts for processing by authentication modules.
|
MessageContextImpl |
An implementation of MessageContext that holds contextual information and state for a
given request and response message exchange.
|
MessageImpl<T extends MessageImpl<T>> |
Abstract message base class.
|
MessageInfoContext |
The authentication framework uses this MessageContextInfo to pass messages and
message processing state to authentication modules for processing of messages.
|
MethodCallStatisticsMXBean |
Exposes statistics on method call timings and rates to JMX monitoring.
|
MissingAttributeDetail |
The StatusCode element is a container of
one or more Status s issuded by authorization authority.
|
Modification |
A modification to be performed on an entry during a Modify operation.
|
ModificationType |
A Modify operation change type as defined in RFC 4511 section 4.6 is used to
specify the type of modification being performed on an attribute.
|
ModificationType.Enum |
Contains equivalent values for the ModificationType values.
|
ModifyDnRequest |
The Modify DN operation allows a client to change the Relative Distinguished
Name (RDN) of an entry in the Directory and/or to move a subtree of entries
to a new location in the Directory.
|
ModifyRequest |
The Modify operation allows a client to request that a modification of an
entry be performed on its behalf by a server.
|
Multimap<K,V> |
Deprecated.
|
MultipleEntriesFoundException |
Thrown when the result code returned in a Result indicates that the requested
single entry search operation or read operation failed because the Directory
Server returned multiple matching entries (or search references) when only a
single matching entry was expected.
|
MultipleOf |
Annotation to mark a numeric JSON Schema property's multipleOf field.
|
MultipleOfSchema |
Interface defining support for multipleOf JSON Schema field.
|
Multiset<E> |
Deprecated.
|
Multiset.Entry<E> |
An unmodifiable element-count pair for a multiset.
|
MultiValueMap<K,V> |
Wraps a map for which the values are lists, providing a set of convenience methods for
handling list values.
|
MutableUri |
A MutableUri is a modifiable URI substitute.
|
NameAlreadyExistsException |
Exception thrown if a name of an object such as policy, rule or
referral already exists (used by another object of the same type)
|
NameForm |
This class defines a data structure for storing and interacting with a name
form, which defines the attribute type(s) that must and/or may be used in the
RDN of an entry with a given structural objectclass.
|
NameForm.Builder |
A fluent API for incrementally constructing name forms.
|
NameID |
The NameID is used in various SAML assertion constructs
such as Subject and SubjectConfirmation
elements, and in various protocol messages.
|
NameIdentifier |
The NameIdentifier element specifies a Subject by a
combination of a name and a security domain governing the name of the
Subject .
|
NameIDMapping |
This class provides methods to send or process
NameIDMappingRequest .
|
NameIDMappingRequest |
This class represents the ManageNameIDRequestType complex type.
|
NameIDMappingResponse |
This class represents the NameIDMappingResponseType complex type.
|
NameIDPolicy |
This interface defines methods to retrieve name identifier related
properties.
|
NameIDType |
The NameIDType is used when an element serves to represent
an entity by a string-valued name.
|
NameNotFoundException |
Exception thrown if an object such as policy, rule or
referral for the given name does not exist.
|
NeverThrowsException |
The NeverThrowsException class is an uninstantiable placeholder
exception which should be used for indicating that a Function or
AsyncFunction never throws an exception (i.e.
|
NewEncryptedID |
Java content class for NewEncryptedID element declaration.
|
NewID |
This interface identifies the new identifier in an
ManageNameIDRequest message.
|
Node |
A node is the core abstraction within an authentication tree.
|
Node.Metadata |
Annotation that describes the metadata of the node.
|
NodeProcessException |
An Exception to indicate that there was a problem processing a Node that could not be resolved to a
Action .
|
NodeState |
Encapsulates all state that is provided by each node and passed between nodes on tree execution.
|
NonExpiringCache<K,V> |
Allows the Caching of an object.
|
NOPCompressionHandler |
A NOP implementation of the Compression Handler, which will be used when no compression is to be
applied.
|
NoPermissionException |
Exception thrown if a policy operation attempted could not be
done due to insufficient permissions
|
NOPSigningHandler |
Deprecated.
|
NoSuchSecretException |
Indicates that no secret was configured for the given purpose, or the named secret is not available.
|
NotFoundException |
An exception that is thrown when a specified resource cannot be found.
|
NotSupportedException |
An exception that is thrown during an operation on a resource when the
resource does not implement/support the feature to fulfill the request.
|
NullLocationException |
Deprecated. |
NumberRange |
An annotation which tags a configuration method as representing a number range.
|
NumberValidator |
|
OAuth2 |
OAuth2 utility class.
|
OAuth2Client<T extends OAuth2ClientConfiguration> |
OAuth 2.0 Client Implementation that supports the Authorization Code Grant Flow.
|
OAuth2ClientConfiguration |
Configuration used for OAuth2 Client Implementations.
|
OAuth2ClientConfiguration.Builder<T extends OAuth2ClientConfiguration.Builder<T,C>,C extends OAuth2ClientConfiguration> |
Builder class for creating the OAuth2ClientConfiguration.
|
OAuth2Context |
|
OAuth2Error |
Describes an error which occurred during an OAuth 2.0 authorization request
or when performing an authorized request.
|
OAuth2Request |
An abstraction of the actual request so as to allow the core of the OAuth2 provider to be agnostic of the library
used to translate the HTTP request.
|
OAuth2SessionInfo |
OAuth2 Session Info Object used to determine if the access token expiry time has passed and to determine
if a session is still active.
|
OAuth2UserInfo |
Information about the current user.
|
OAuthClient |
Generic interface for all OAuth-like clients.
|
OAuthClientConfiguration |
Base configuration of an OAuth client.
|
OAuthClientConfiguration.Builder<T extends OAuthClientConfiguration.Builder<T,C>,C extends OAuthClientConfiguration> |
Base builder used to create OAuthClientConfiguration instances.
|
OAuthConfigException |
Exception used when an error has occurred with an OAuth client's configuration.
|
OAuthException |
An exception that is thrown when an OAuth request has failed.
|
ObjectClass |
This class defines a data structure for storing and interacting with an
objectclass, which contains a collection of attributes that must and/or may
be present in an entry with that objectclass.
|
ObjectClass.Builder |
A fluent API for incrementally constructing object classes.
|
ObjectClassType |
This enumeration defines the set of possible objectclass types that may be
used, as defined in RFC 2252.
|
ObjectInUseException |
Exception thrown to indicate that an object you are trying to
remove is in use and therefore can not be removed.
|
Objects |
Common utility methods for Objects.
|
Obligation |
The Obligation element is a container of
one or more AttributeAssignment s issuded by
authorization authority.
|
ObligationImpl |
The Obligation element is a container of
one or more AttributeAssignment s issuded by
authorization authority.
|
Obligations |
The Obligations element is a container of
one or more Obligation s issuded by
authorization authority.
|
ObligationsImpl |
The Obligations element is a container of
one or more Obligation s issuded by
authorization authority.
|
OctJWK |
Creates an Octet JWK.
|
OctJWK.Builder |
The Octet JWK builder.
|
OkpJWK |
An Octet Key-Pair (OKP) JWK as defined in RFC 8037.
|
OkpJWK.Builder |
Builder object for Octet Key-Pair (OKP) JWKs.
|
OneTimeUse |
The OneTimeUse indicates that the assertion should be
used immediately by the relying party and must not be retained for
future use.
|
OpenAmAccessTokenResolver |
Deprecated.
|
OpenApiHelper |
Helper methods for applying commonly needed changes to the Swagger model.
|
OpenApiHelper.OperationVisitor |
Visits a Swagger Operation .
|
OpenApiTransformer |
|
OpenDjSecurityProvider |
The OpenDJ LDAP security provider which exposes an LDAP/LDIF based KeyStore
service, as well as providing utility methods facilitating construction of LDAP/LDIF based key stores.
|
OpenDjSecurityProviderSchema |
Utility methods for accessing the LDAP schema elements required in order to support the OpenDJ security provider.
|
OpenIDConnectClient |
OpenID Connect Client Implementation that supports the Authorization Code Grant Flow.
|
OpenIDConnectClientConfiguration |
Configuration used for OpenID Connect Client Implementations.
|
OpenIDConnectClientConfiguration.Builder<T extends OpenIDConnectClientConfiguration.Builder<T,C>,C extends OAuth2ClientConfiguration> |
Builder class for creating the OpenIDConnectClientConfiguration.
|
OpenIdConnectModule |
OpenID Connect module that allows access when a valid OpenID Connect JWT which
our server trusts is presented in the specific header field.
|
OpenIDConnectSessionInfo |
OpenIDSessionInfo object used to determine if the access token or id token expiry time has passed and to determine
if a session is still active.
|
OpenIdConnectTokenAuthMethodReferencesMapper |
An interface which allows soap-sts publishers to generate the amr claim for issued OpenIdConnect tokens on the basis
of the validated input token.
|
OpenIdConnectTokenAuthnContextMapper |
OpenIdConnect tokens can include an Authentication Context Class Reference (acr) claim which indicates how the subject
asserted by the OIDC token was authenticated.
|
OpenIdConnectTokenClaimMapper |
An instance of this interface will be used to insert any custom claims into issued OpenIdConnect tokens.
|
OpenIDConnectUserInfo |
OpenID Connect user information related to a users current social session.
|
OpenIdConnectVerificationException |
Problem during the verification of an OpenId Connect module.
|
OpenIdResolver |
A resolver that performs validation against a supplied SignedJwt .
|
OpenIdResolverFactory |
For producing OpenId Resolvers.
|
OpenIdResolverService |
Interface through which OpenIdResolvers are obtained, and the service providing
them is configured.
|
OpenIdResolverServiceConfigurator |
|
OpenIdResolverServiceConfiguratorImpl |
|
OpenIdResolverServiceImpl |
Holds a copy of the current OpenID Resolvers.
|
Operation |
The common details of an operation.
|
Operation |
Class that represents the Operation type in API descriptor.
|
Operation.Builder<T extends Operation.Builder<T>> |
Builder to help construct the Operation.
|
Option<T> |
A configuration option whose value can be stored in a set of Options .
|
Options |
A set of options which can be used for customizing the behavior of HTTP
clients and servers.
|
OptionsFilter |
Filter which handles OPTION HTTP requests to CREST resources.
|
OrganizationAlreadyExistsException |
The OrganizationAlreadyExistsException is thrown if the
organization already exists.
|
OrganizationConfigManager |
The class OrganizationConfigManager provides interfaces to
manage an organization's configuration data.
|
OutcomeProvider |
Describes the outcomes for node instances.
|
OutcomeProvider.Outcome |
A model object for an outcome.
|
OverflowException |
An exception that is thrown if a buffer would overflow as a result of a write operation.
|
PagePropertiesCallback |
PagePropertiesCallback class implements
Callback and used for exchanging all UI related attributes
information such as template name, errorState to indicate
whether a template is an error page, page header, image name , page timeout
value, name of module.
|
PagingMode |
Enum that represents the Query paging mode.
|
Pair<F,S> |
Ordered pair of arbitrary objects.
|
PAOSConstants |
This interface defines constants common to all PAOS elements.
|
PAOSException |
The PAOSException class represents a error while
processing SOAP request and response.
|
PAOSHeader |
The PAOSHeader class is used by a web application
on HTTP server side to parse a PAOS header in an HTTP request
from the user agent side.
|
PAOSRequest |
The PAOSRequest class is used by a web application on
HTTP server side to construct a PAOS request message and send
it via an HTTP response to the user agent side.
|
PAOSUtils |
The PAOSUtils contains utility methods for PAOS
implementation.
|
Parameter |
A extra parameter to an operation.
|
Parameter |
Class that represents the Parameter type in API descriptor.
|
Parameter.Builder |
Builder to construct Parameter object.
|
ParametersConfig |
Configuration for parameter passing stage.
|
ParameterSource |
Enum that represents where the Parameter comes from.
|
ParametersStage |
Captures input parameters to be passed back out at the end of the process.
|
PartialToken |
Represents a partial CTS Token .
|
Partition |
Named set of servers defining a distributed service.
|
Partition.Server |
A server from a partition.
|
Password |
An annotation which tags a configuration method as representing a "secret" value that is encrypted.
|
Password |
An encoded password.
|
PasswordDecoder |
The class PasswordDecoder is an interface
that is implemented to decode password.
|
PasswordExpiredResponseControl |
The Netscape password expired response control as defined in
draft-vchu-ldap-pwd-policy.
|
PasswordExpiringResponseControl |
The Netscape password expiring response control as defined in
draft-vchu-ldap-pwd-policy.
|
PasswordModifyExtendedRequest |
The password modify extended request as defined in RFC 3062.
|
PasswordModifyExtendedResult |
The password modify extended result as defined in RFC 3062.
|
PasswordPolicyErrorType |
A password policy error type as defined in draft-behera-ldap-password-policy
is used to indicate problems concerning a user's account or password.
|
PasswordPolicyException |
The exception class whose instance is thrown if there is any error related with password issue.
|
PasswordPolicyRequestControl |
The password policy request control as defined in
draft-behera-ldap-password-policy.
|
PasswordPolicyResponseControl |
The password policy response control as defined in
draft-behera-ldap-password-policy.
|
PasswordPolicyWarningType |
A password policy warning type as defined in
draft-behera-ldap-password-policy is used to indicate the current state of a
user's password.
|
Patch |
Indicates an CREST patch method on an annotated POJO.
|
Patch |
Class that represents the Patch operation type in API descriptor.
|
Patch.Builder |
Builder to help construct the Patch.
|
PatchOperation |
Represents all Patch operations.
|
PatchOperation |
An individual patch operation which is to be performed against a field within
a resource.
|
PatchRequest |
A request to update a JSON resource by applying a set of changes to its existing content.
|
Path |
Allocate a path to a component.
|
Paths |
Class that represents the Paths type in API descriptor.
|
Paths |
Utilities for manipulating paths.
|
Paths.Builder |
Builder to help construct the Paths.
|
PathsModule |
Jackson Module that adds a serializer modifier for Paths .
|
PathUtil |
Utilities for working with API Description paths and path-parameters.
|
Payload |
The interface represents the body of a JWT.
|
PemPropertyFormat |
Supports decoding keys and certificates in PEM
format.
|
PerItemEvictionStrategyCache<K,V> |
PerItemEvictionStrategyCache is a thread-safe write-through cache.
|
PermanentException |
An exception that indicates that a failure is permanent, i.e.
|
PermissionRequestFilter |
Extension filter that will be called before permission request creation.
|
PermissionTicket |
A POJO to represent the UMA Permission Ticket.
|
PermissiveModifyRequestControl |
The Microsoft defined permissive modify request control.
|
PersistentSearchChangeType |
A persistent search change type as defined in draft-ietf-ldapext-psearch is
used to indicate the type of update operation that caused an entry change
notification to occur.
|
PersistentSearchRequestControl |
The persistent search request control as defined in
draft-ietf-ldapext-psearch.
|
PipeBufferedStream |
|
PkceMethod |
Proof Key for Code Exchange (PKCE) transformation method.
|
PluginException |
An exception for an error in plugin operation.
|
PluginTools |
A collection of simple tools for interacting with the SMS (Service Management Service).
|
Policy |
Deprecated.
|
PolicyDecision |
Deprecated.
|
PolicyEvaluationException |
The class PolicyEvaluationException is the exception
for the error happening in policy request XML parsing and policy
request evaluation.
|
PolicyEvaluator |
Deprecated.
|
PolicyEvent |
Deprecated.
|
PolicyException |
The class PolicyException is the basic exception for the
the policy component.
|
PolicyFactory |
This is the factory class to obtain instances of the objects defined
in xacml context schema.
|
PolicyListener |
Deprecated. |
PolicyManager |
Deprecated.
|
PostReadRequestControl |
The post-read request control as defined in RFC 4527.
|
PostReadResponseControl |
The post-read response control as defined in RFC 4527.
|
PreconditionFailedException |
An exception that is thrown to indicate that a resource's current version
does not match the version provided.
|
PreconditionRequiredException |
An exception that is thrown to indicate that a resource requires a version,
but no version was supplied in the request.
|
Predicate |
An interface for a basic, stand-alone predicate which can be evaluated given some
JsonValue input and serialized for storage.
|
Predicate<T,E extends Exception> |
A Predicate functional interface which can thrown a checked Exception.
|
PreferredLocales |
This class encapsulates an ordered list of preferred locales, and the logic
to use those to retrieve i18n ResourceBundle s.
|
PreReadRequestControl |
The pre-read request control as defined in RFC 4527.
|
PreReadResponseControl |
The pre-read response control as defined in RFC 4527.
|
PrivateKeyJwtClientAuthenticationFilter |
|
PrivateKeyJwtClientAuthenticationFilter.Builder<T extends PrivateKeyJwtClientAuthenticationFilter.Builder<T>> |
Builder class for creating the PrivateKey Jwt ClientAuthentication Filter.
|
PrivilegeEvaluatorContext |
Holds the context of the policy evaluation making it available to policy
conditions.
|
ProcessContext |
Process context represents the current state of the workflow.
|
ProcessInstanceConfig |
Represents the configuration for an instance of the anonymous process service.
|
ProcessStore |
Process store is used to persist state throughout a given flow cycle.
|
ProductPathResolver |
A property accessor for product paths.
|
ProgressStage<C extends StageConfig> |
Progress stage represents a single stage within the overall advance flow.
|
ProgressStageBinder |
Progress stage binder is responsible for creating bindings between the stage configs and their consuming stages.
|
ProgressStageBinding<C extends StageConfig> |
Binds together the progress stage with its config.
|
ProgressStageProvider |
Progress stage provider.
|
Promise<V,E extends Exception> |
A Promise represents the result of an asynchronous task.
|
PromiseImpl<V,E extends Exception> |
An implementation of Promise which can be used as is, or as the basis
for more complex asynchronous behavior.
|
Promises |
Utility methods for creating and composing Promise s.
|
Promises.Results |
Ordered list of joined asynchronous results.
|
ProofTokenState |
When issuing SAML2 Holder-of-Key assertions, the proof token is usually an X509Certificate.
|
ProofTokenState.ProofTokenStateBuilder |
Builder class for ProofTokenState
|
PropertiesResolver |
Given a file path this will load the properties within the file as a PropertyResolver .
|
PropertyFormat |
Supported property formats for file-based and system/environment variable properties.
|
PropertyFormatBase64 |
Decodes secrets in raw base64 format.
|
PropertyOrder |
Annotation to provide a property order for a given object property.
|
PropertyPolicies |
An annotation to declare the policies for property access in the CREST API Descriptor schema elements.
|
PropertyResolver |
A property resolver attempt to get the value of a given config property.
|
PropertyResolvers |
A utility class that gives access to the default property resolvers for a product.
|
PropertyResolverSecretStore |
|
ProtectedResource |
Deprecated.
|
ProtocolFactory |
This is the factory class to obtain object instances for concrete elements in
the protocol schema.
|
ProtocolOp |
The base class of all requests and responses provides methods for querying and manipulating the set of Controls.
|
ProxiedAuthV1RequestControl |
The proxy authorization v1 request control as defined in
draft-weltman-ldapv3-proxy-04.
|
ProxiedAuthV2RequestControl |
The proxy authorization v2 request control as defined in RFC 4370.
|
ProxyPolicyEvaluator |
Deprecated.
|
ProxyPolicyEvaluatorFactory |
Deprecated.
|
ProxyProtocolHeader |
|
ProxyProtocolHeader.SslTlv |
|
ProxyProtocolHeader.SslTlv.ClientBit |
Represents the possible values for the client property of the "pp2_tlv_ssl" structure.
|
ProxyProtocolHeader.SslTlv.SslSubType |
|
ProxyRestriction |
The ProxyRestriction specifies limitations that the
asserting party imposes on relying parties that in turn wish to
act as asserting parties and issue subsequent assertions of their
own on the basis of the information contained in the original
assertion.
|
PublicKeyOpenIdResolverImpl |
This class exists to allow functionality for those Open ID Connect providers which
supply their signatures through asymmetric key algorithms (e.g.
|
Purpose<T extends Secret> |
A purpose encapsulates both a name for a function that requires access to secrets, together with a hint as
to the intended usage of those secrets.
|
PurposeMapping |
A mapping of purpose to alias with a valid-from date.
|
PurposeMappingValidator |
This validator makes sure that the secret mappings have both the alias and the secret ID specified, and
additionally it verifies that there is no other secret mapping in the configuration already for the same secret ID.
|
PushNotificationDelegate |
|
PushNotificationDelegateFactory |
Defines how PushNotificationDelegates should be created.
|
Queries |
Declare an array of Query operations from a single method.
|
Query |
Indicates an CREST query method on an annotated POJO.
|
Query |
Class that represents the Create Operation type in API descriptor.
|
Query.Builder |
Builder to help construct the Read.
|
QueryElement |
Deprecated. |
QueryFilter<F> |
A filter which can be used to select resources, which is compatible with the CREST query filters.
|
QueryFilterOperators |
QueryFilter constants.
|
QueryFilterParser<F> |
A query string has the following string representation:
|
QueryFilters |
|
QueryFilterVisitor<R,P,F> |
A visitor of QueryFilter s, in the style of the visitor design
pattern.
|
QueryRequest |
A request to search for all JSON resources matching a user specified set of criteria.
|
QueryResourceHandler |
A completion handler for consuming the results of a query request.
|
QueryResponse |
The final result of a query request returned after all resources matching the
request have been returned.
|
QueryType |
Enum that represents the Query type.
|
QuotaExhaustionAction |
Interface to define the resulting behavior when the session quota is exhausted.
|
RangeSet |
Exposes a range of integer values as a set.
|
Rdn |
A relative distinguished name (RDN) as defined in RFC 4512 section 2.3 is the
name of an entry relative to its immediate superior.
|
Read |
Indicates an CREST read method on an annotated POJO.
|
Read |
Class that represents the Read Operation type in API descriptor.
|
Read.Builder |
Builder to help construct the Read.
|
ReadinessCheck |
This interface defines the contract for checking whether an AM service or component is ready to service requests
successfully, independent of the state of any 3rd party dependencies.
|
ReadinessCheckEndpoint |
CHF endpoint that reports AMs readiness, pertaining to the characteristics laid out in the Kubernetes documentation
for the readiness probe.
|
ReadOnly |
Annotation to mark a JSON Schema property as read-only.
|
ReadPolicy |
Enum that represents the Schema read policies.
|
ReadRequest |
A request to read a single identified JSON resource.
|
Realm |
Models a valid realm within OpenAM.
|
RealmConfiguration<T> |
|
RealmLookup |
API for looking up realms and determining if they are active or not.
|
RealmLookupException |
Signals that the realm String used to lookup a realm failed due to it being
an invalid realm identifier or the lookup operation failed.
|
Realms |
A class to statically obtain Realm instances.
|
RecoveryCodeGenerator |
Generates codes of a specified length using a given Alphabet as valid characters.
|
Reference |
Class that represents the Reference type in API descriptor.
|
Reference.Builder |
Builder to help construct the Reference.
|
ReferenceResolver |
|
Referral |
Deprecated. |
ReferralException |
Thrown when the result code returned in a Result indicates that the Request
could not be processed by the Directory Server because the target entry is
located on another server.
|
ReferralTypeManager |
Deprecated.
|
ReferrerHeader |
A Header representation of the Referrer HTTP header.
|
Reject |
A input parameter-validating utility class using fluent invocation:
|
RejectedChangeRecordListener |
A listener interface which is notified whenever a change record cannot be
applied to an entry.
|
RejectedLdifListener |
A listener interface which is notified whenever LDIF records are skipped,
malformed, or fail schema validation.
|
RejectedMacaroonException |
Indicates that a macaroon has been rejected by a MacaroonVerifier for a reason other than being invalid.
|
RelaxRulesRequestControl |
The internet-draft defined Relax Rules control.
|
ReplicationServiceDiscoveryMechanism |
Service Discovery Mechanism retrieving information from a replication topology.
|
Request |
The Request element is the top-level element in the XACML
context scehema.
|
Request |
A request message.
|
Request |
Common attributes of all JSON resource requests.
|
Request |
The base class of all Requests provides methods for querying and manipulating
the set of Controls included with a Request.
|
Request.RequestType |
The type of this request.
|
RequestAbstract |
This interface defines methods for setting and retrieving attributes and
elements associated with a SAML request message used in SAML protocols.
|
RequestAuditContext |
A context for audit information for an incoming request.
|
RequestAuthorizationFilter |
Extension filter that will be called before request authorization and after
request authorization.
|
RequestCookies |
Exposes incoming request cookies.
|
RequestedAuthnContext |
Java content class for RequestedAuthnContext element declaration.
|
RequesterID |
This interface identifies the requester in an AuthnRequest
message.
|
RequestHandle |
Provides the ability to terminate an asynchronous LDAP request.
|
RequestHandler |
A marker annotation to indicate that the annotated class should be interpreted as an annotated CREST
request handler.
|
RequestHandler |
Represents the contract with a set of resources.
|
RequestImpl |
The Request element is the top-level element in the XACML
context schema.
|
Requests |
A utility class containing various factory methods for creating and
manipulating requests.
|
Requests |
This class contains various methods for creating and manipulating requests.
|
RequestType |
An enumeration whose values represent the different types of request.
|
RequestVisitor<R,P> |
A visitor of Request s, in the style of the visitor design pattern.
|
RequestVisitor<R,P,E extends Exception> |
A visitor of Request s, in the style of the visitor design pattern.
|
RequirementsBuilder |
Helper class to assist with the building of requirements.
|
ResetStage |
The reset password stage.
|
ResetStageConfig |
Configuration for the password reset stage.
|
Resource |
The Resource element specifies information about the
resource to which access is requested by listing a
sequence of Attribute elements associated with the
resource.
|
Resource |
Class that represents the Resource type in API descriptor.
|
Resource.AnnotatedTypeVariant |
The variant of the annotated type.
|
Resource.Builder |
Builder to help construct the Resource.
|
ResourceAccess |
|
ResourceApiVersionBehaviourManager |
Implementations of this interface will be responsible for maintaining the
behaviour of API Version routing.
|
ResourceApiVersionRoutingFilter |
API Version routing filter which creates a ApiVersionRouterContext
which contains the default routing behaviour when the
Accept-API-Version header is set on the request.
|
ResourceApiVersionRoutingFilter |
API Version routing filter which creates a ApiVersionRouterContext
which contains the default routing behaviour when the
Accept-API-Version header is set on the request.
|
ResourceApiVersionSpecificationFilter |
A Filter supporting the specification of resource API version configuration to be
used when a request on a specific endpoint does not contain an Accept-API-Version
header.
|
ResourceApiVersionSpecificationFilter.NoApiVersionHandler |
Handler allowing products to extend behaviour when a request has no resource API version supplied.
|
ResourceApiVersionSpecificationFilter.ResourcePathAndVersion |
|
ResourceApiVersionSpecificationFilter.ResourcePathAndVersionSpecification |
|
ResourceApiVersionSpecificationFilter.VersionSpecification |
Mechanism supporting specification of a version on the request.
|
ResourceAttribute |
Encapsulates a Strategy to derive attributes to be returned with a particular
Entitlement when evaluating Privilege s.
|
ResourceContent |
The ResourceContent element specifies information about the
resource to which access is requested by listing a
sequence of Attribute elements associated with the
resource.
|
ResourceDelegationFilter |
Extension filter that will be called before a resource is shared, after a
resource is shared, before a shared resource is modified and on a resource
no longer being shared.
|
ResourceException |
An exception that is thrown during the processing of a JSON resource request.
|
ResourceImpl |
The Resource element specifies information about the
resource to which access is requested by listing a
sequence of Attribute elements associated with the
resource.
|
ResourceMatch |
Deprecated.
|
ResourceMatch |
The class ResourceMatch defines the results
of a resource match with respect to Policy.
|
ResourceName |
Deprecated. |
ResourceName |
The interface ResourceName provides
methods to determine the hierarchy of resource names.
|
ResourcePath |
A relative path, or URL, to a resource.
|
ResourceRegistrationFilter |
Extension filter that will be called before and after resource sets are
registered.
|
ResourceResponse |
A resource, comprising of a resource ID, a revision (etag), and its JSON
content.
|
ResourceResult |
Deprecated.
|
Resources |
This class contains methods for creating and manipulating connection
factories and connections.
|
ResourceServerFilter |
Validates a Request that contains an OAuth 2.0 access token.
|
ResourceSetDescription |
Represents a resource set description created by an OAuth2 client (resource server).
|
Response |
The Response message element is used when a response consists
of a list of zero or more assertions that satisfy the request.
|
Response |
The Response element is a container of
one or more Result s issued by policy decision point
|
Response |
A response message.
|
Response |
Common response object of all resource responses.
|
Response |
The base class of all Responses provides methods for querying and
manipulating the set of Controls included with a Response.
|
ResponseCacheControl |
Indicates whether a response can be cached and under what conditions.
|
ResponseException |
An HTTP Framework Exception that can be used by filters/handlers to simplify
control-flow inside async call-backs.
|
ResponseMode |
|
ResponseProvider |
Deprecated. |
ResponseProviderTypeManager |
Deprecated.
|
Responses |
Provide out-of-the-box, pre-configured Response objects.
|
Responses |
A utility class containing various factory methods for creating and
manipulating responses.
|
Responses |
This class contains various methods for creating and manipulating responses.
|
ResponseTypeHandler |
Handles the issuing of Tokens for a response type, i.e.
|
ResponseWriter |
Writes AuthenticationException responses for different media types.
|
RestrictedTokenContextFilter |
A filter that can be applied to a CREST route in order to enter the restricted token context for a request if
it contains a requester token as well as subject token.
|
RestTokenProvider<T> |
Interface defining token creators in the rest-sts.
|
RestTokenProviderParameters<T> |
Parameter state passed to JsonTokenProvider instances.
|
RestTokenTransformValidator<T> |
Defines the contract for token validators deployed in the context of token transformation.
|
RestTokenTransformValidatorParameters<T> |
Defines the parameter state which needs to be passed to the RestTokenTransformValidator#validateToken instances.
|
Result |
The Result element is a container of
one or more Result s issuded by authorization authority.
|
Result |
A Result is used to indicate the status of an operation performed by the
server.
|
ResultCode |
An operation result code as defined in RFC 4511 section 4.1.9 is used to
indicate the final status of an operation.
|
ResultCode.Enum |
Contains equivalent values for the ResultCode values.
|
ResultHandler<T,E extends Exception> |
ResultHandler is responsible for providing a mechanism of allowing access to the result
of an asynchronous operation.
|
ResultHandler<V> |
A completion handler for consuming the results of asynchronous tasks.
|
RetrieveEmailConfig |
Configuration for the retrieve email stage.
|
RetrieveEmailStage |
Stage is responsible for retrieving the email.
|
RetrieveUsernameConfig |
Configuration for the retrieve username stage.
|
RetrieveUsernameStage |
Stage is responsible for retrieving the username.
|
RetryableException |
An exception that indicates that a failure may be temporary, and that
retrying the same request may be able to succeed in the future.
|
RootContext |
A Context which has an a globally unique ID but no parent.
|
RootDse |
The root DSE is a DSA-specific Entry (DSE) and not part of any naming context
(or any subtree), and which is uniquely identified by the empty DN.
|
RootUrlManager |
Singleton class used to manage Root URL providers.
|
RootUrlProvider |
Interface used for getting a context's root url.
|
RootUrlProviderException |
To be used when an exception has occurred in a root url provider.
|
RouteMatch |
Contains the result of routing to a particular route.
|
RouteMatcher<R> |
A matcher for evaluating whether a route matches the incoming request.
|
RouteMatchers |
A utility class that contains methods for creating route matchers.
|
RouteMatchers |
A utility class that contains methods for creating route matchers.
|
Router |
A router which routes requests based on route matchers.
|
Router |
A router which routes requests based on route predicates.
|
Router.UriTemplate |
Represents a URI template string that will be used to match and route
incoming requests.
|
RoutingMode |
The algorithm which should be used when matching URI templates against
request resource names.
|
RSA15AES128CBCHS256EncryptionHandler |
Deprecated.
|
RSA15AES256CBCHS512EncryptionHandler |
Deprecated.
|
RSAEncryptionHandler |
Abstract base class for implementations of the RSAES-PKCS1-v1_5 and RSA-OAEP encryption schemes.
|
RsaJWK |
Implements a RsaJWK.
|
RsaJWK.Builder |
The RSA JWK builder.
|
RsaJWK.PrimesInfo |
Holds the other prime factors.
|
RSASigningHandler |
Deprecated.
|
Rule |
Deprecated.
|
RuntimeExceptionHandler |
A completion handler for consuming runtime exceptions which occur during the
execution of asynchronous tasks.
|
RxIo |
Utility class for creating reactive transports and sockets.
|
RxServerSocket<M,S extends RxSocket<M>> |
A reactive server socket listens for incoming connections and binds them to a RxSocket .
|
RxSocket<M> |
A transport agnostic reactive socket abstraction.
|
RxTransport<M,S extends RxSocket<M>> |
Factory interface for creating reactive client and server sockets.
|
Saml2ClientConstants |
Constants used by the SAML2 Client implementation.
|
Saml2ClientModule |
Guice module containing bindings for SAML2 client APIs.
|
SAML2Config |
Encapsulates the configuration state necessary to produce SAML2 assertions.
|
SAML2Config.SAML2ConfigBuilder |
Builder used to programmatically create SAML2Config objects
|
SAML2Constants |
This interface defines constants common to all SAMLv2 elements.
|
SAML2Constants.ScriptParams |
Constants for SAML2 scripted plugins
|
SAML2Exception |
This class is an extension point for all SAML related exceptions.
|
SAML2IdentityProviderAdapter |
This interface SAML2IdentityProviderAdapter is used to perform
specific tasks in the IdP
|
SAML2IDPFinder |
This interface SAML2IDPFinder is used to find a list of
preferred Identity Authenticating providers to service the authentication
request.
|
SAML2InvalidNameIDPolicyException |
This class is an extension point for all SAML related exceptions.
|
SAML2InvalidUserException |
This class is an extension point for invalid usernames in the SAML flow.
|
SAML2MetaUtils |
The SAML2MetaUtils provides metadata related util methods.
|
Saml2Options |
This class contains the currently available options that can control the SAML2 flows.
|
Saml2Proxy |
Called on the way back into the SAML2 Authentication Module
by the saml2AuthAssertionConsumer jsp.
|
Saml2ResponseData |
Response data from SAML2 IDP, combined here for ease of access.
|
SAML2SDKUtils |
The SAML2SDKUtils contains utility methods for SAML 2.0
implementation.
|
SAML2ServiceProviderAdapter |
The SAML2ServiceProviderAdapter abstract class provides methods
that could be extended to perform user specific logics during SAMLv2
protocol processing on the Service Provider side.
|
Saml2SpSsoInitiator |
Initiates SAML2 single sign-on on the service provider side.
|
Saml2SsoException |
An exception type that highlights that an issue has occurred during SAML2 single sign-on.
|
Saml2SsoInitiator |
This interface exposes APIs to allow callers to initiate SAML2 Single Sign-on flows when AM acts as a service
provider.
|
Saml2SsoResponseUtils |
Utility methods for working with SAML2 SSO responses.
|
Saml2SsoResult |
This POJO contains information collated during SAML2 response processing.
|
SAML2SubjectConfirmation |
Enum defining the SAML2 SubjectConfirmation values used in the REST-STS and the TokenGenerationService.
|
SAML2Utils |
The SAML2Utils contains utility methods for SAML 2.0
implementation.
|
SAMLConstants |
This is a common class defining some constants common to all SAML elements.
|
SAMLException |
This class is an extension point for all SAML related exceptions.
|
SAMLRequesterException |
This exception is thrown when the request could not be performed due to
an error in the sender or in the request.
|
SAMLResponderException |
This exception is thrown when the request could not be performed
due to an error at the receiving end.
|
SAMLUtils |
This class contains some utility methods for processing SAML protocols.
|
SAMLVersionMismatchException |
This exception is thrown when the receiver could not process the request
because the version was incorrect.
|
SaslRxSocket |
A reactive socket which adds SASL QOP to an underlying reactive socket..
|
Schema |
Specify a schema for the element that is being described.
|
Schema |
Class that represents the Schema type in API descriptor.
|
Schema |
This class defines a data structure that holds information about the
components of the LDAP schema.
|
Schema.Builder |
A builder class for Schema instances.
|
SchemaBuilder |
Schema builders should be used for incremental construction of new schemas.
|
SchemaBuilder.SchemaBuilderHook |
Allows to perform modifications on element's builders before adding the result to this schema builder.
|
SchemaElement |
Interface for schema elements.
|
SchemaException |
The SchemaException is thrown if the error encountered is
related to the schema.
|
SchemaOptions |
Common options for LDAP schemas.
|
SchemaResolver |
Schema resolvers are included with a set of DecodeOptions in order to
allow application to control how Schema instances are selected when
decoding requests and responses.
|
SchemaType |
The class SchemaType defines the types of schema objects, and
provides static constants for these schema objects.
|
SchemaValidationPolicy |
This class provides various schema validation policy options for controlling
how entries should be validated against the directory schema.
|
SchemaValidationPolicy.Action |
An enumeration of the possible actions which can be performed when a
schema validation failure is encountered.
|
ScopeEvaluator |
A plugin or (extension point) that evaluates and returns an OAuth2 access token's scope information.
|
ScopeValidator |
A plugin or (extension point) that allows the OAuth2 provider to customise the set of requested scopes for authorize,
access token, refresh token and back channel authorize requests.
|
ScopeValidator |
Deprecated.
|
Scoping |
This interface defines methods to retrieve Identity Providers and
context/limitations related to proxying of the request message.
|
ScramCredential |
The SCRAM credential data persisted in the server using the representation described in RFC 5803 which is a
specialization of RFC 3112.
|
ScramCredentialCallback |
Server-side callback for obtaining the stored SCRAM credential for a given user and mechanism.
|
ScramMechanism |
SASL/SCRAM client and server implementations as specified in RFC 5802.
|
ScriptedSecrets |
A wrapper around the Secrets API that allows a simplified interface to access secrets from a scripting context.
|
ScriptEntitlementInfo |
This class wraps around an EntitlementInfo object for consumption in scripts.
|
ScriptPropertyResolver |
Resolver for getting properties in scripts.
|
SearchRequest |
The Search operation is used to request a server to return, subject to access
controls and other restrictions, a set of entries matching a complex search
criterion.
|
SearchResultEntry |
A Search Result Entry represents an entry found during a Search operation.
|
SearchResultHandler |
A completion handler for consuming the results of a Search operation.
|
SearchResultReference |
A Search Result Reference represents an area not yet explored during a Search
operation.
|
SearchResultReferenceIOException |
Thrown when an iteration over a set of search results using a
ConnectionEntryReader encounters a SearchResultReference .
|
SearchScope |
A Search operation search scope as defined in RFC 4511 section 4.5.1.2 is
used to specify the scope of a Search operation.
|
SearchScope.Enum |
Contains equivalent values for the SearchScope values.
|
Secret |
Value object that models a secret as a value.
|
Secret |
A secret is any piece of data that should be kept confidential.
|
SecretBuilder |
Provides a uniform way for secrets providers to construct secrets and keys.
|
SecretConfigurationException |
An exception that occured when reading the configuration of the secret API.
|
SecretConstraint<T extends Secret> |
Interface for constraints on a secret that must be satisfied for a given Purpose .
|
SecretDecoder |
Specifies how data retrieved from a SecretStore should be decoded into a secret object.
|
SecretECDSASigningHandler |
Elliptic Curve Digital Signature Algorithm (ECDSA) signing and verification.
|
SecretEdDSASigningHandler |
Signing handler for Edwards Curve DSA (EdDSA) as defined in RFC
8037.
|
SecretException |
A class of exception arising from use of the secrets API.
|
SecretHmacSigningHandler |
An implementation of the SigningHandler which can sign and verify using algorithms from the HMAC family.
|
SecretIdChoiceValues |
A ChoiceValues implementation that fetches the names of all known purposes.
|
SecretIdProvider |
This interface allows AM's modules/components to easily expose which secret IDs they are using.
|
SecretInitialisationException |
An exception that occurred when initialising the secret API.
|
SecretInstantiationException |
An exception that represents an inability to instantiate a secret object.
|
SecretKeyPropertyFormat |
Wraps a property format that decodes raw bytes and converts it into a property format for extracting secret keys
using some algorithm.
|
SecretPropertyFormat |
Defines the format of secrets loaded from configuration properties.
|
SecretReference<T extends Secret> |
A long-lived reference to an active or named secret.
|
SecretRSASigningHandler |
An Secret -based implementation of the SigningHandler which
can sign and verify using algorithms from the RSA family.
|
Secrets |
The top-level API to obtain secrets in AM.
|
SecretsApiBearerTokenCredentials |
Provides Google SDK credentials from the secrets API.
|
SecretSigningHandler |
Provides Secret -based signing and verification code base.
|
SecretsJwtTokenHandler |
Token handler for creating tokens using a JWT as the store.
|
SecretsJwtTokenHandler.Builder |
|
SecretsKeyManager |
|
SecretsKeyStoreProvider |
A Java security provider that exposes a KeyStore view of a secret store.
|
SecretsLoadStoreParameter |
Class used to initialise the keystore when it is initialised via the standard Java interfaces.
|
SecretsProvider |
The secrets provider is used to get hold of active, named or valid secret objects.
|
SecretsProviderFacade |
A facade around SecretsProvider instances from the realm and global levels that will delegate correctly
to the global provider when a secret is not found in the realm, and knows how to resolve secrets for a
DefaultingPurpose .
|
SecretsProviderJwtCryptographyHandler |
Deprecated.
|
SecretsReferenceProvider |
A class that can provide secret references for a given purpose.
|
SecretStore<T extends Secret> |
A backend storage mechanism for certain kinds of secrets.
|
SecretStoreContext |
Encapsulates the context in which a secret store is being instantiated.
|
SecretsTrustManager |
Provides an implementation of a standard Java TLS X509ExtendedTrustManager that will retrieve trusted
certificates from the Secrets API.
|
SecretsUtils |
Utility methods for dealing with secrets.
|
SecureAttrs |
SecureAttrs class forms the core api of "Secure Attributes
Exchange" (SAE) feature.
|
SecurityAnswer |
Utility Class for Security Answers.
|
SecurityAnswerDefinitionConfig |
Configuration for the KBA Security Answer Definition Stage.
|
SecurityAnswerDefinitionStage |
Stage is responsible for supplying the KBA questions to the user and capturing the answers provided by the user.
|
SecurityAnswerLockoutManager |
Interface to manage security question answer match failures and subsequent lockout.
|
SecurityAnswerVerificationConfig |
Configuration for the KBA Security Answer Verification Stage.
|
SecurityAnswerVerificationStage |
Stage is responsible for verifying the answers provided by the user for the KBA questions.
|
SecurityAssertion |
The SecurityAssertion class provides an extension to
Assertion class to support ID-WSF
ResourceAccessStatement and
SessionContextStatement .
|
SecurityContext |
A Context containing information about the client performing the
request which may be used when performing authorization decisions.
|
SecurityUtils |
This class has common utility methods .
|
SelfService |
Denotes self service dependencies.
|
SelfServiceConsoleConfig |
Defines the bases for which all self service console configuration should be built on.
|
SelfServiceContext |
A Context that indicates the request came from Self-Service.
|
SerializationFormat |
Determines how to serialize and deserialize macaroons into a string format.
|
ServerSideSortRequestControl |
The server-side sort request control as defined in RFC 2891.
|
ServerSideSortResponseControl |
The server-side sort response control as defined in RFC 2891.
|
ServiceAlreadyExistsException |
The ServiceAlreadyExistsException is thrown if the service
already exists.
|
ServiceAttributeValidator |
The interface ServiceAttributeValidator should be implemented
by the services/applications if validator plugins are required.
|
ServiceComponentConfig |
A marker interface indicating that the sub-type defines configuration for a Service Component.
|
ServiceConfig |
The class ServiceConfig provides interfaces to manage the
configuration information of a service configuration.
|
ServiceConfigException |
An exception that indicates there was a problem when using the Service Component Config API.
|
ServiceConfigException |
A sub-exception of SMSException for the ServiceConfigValidator .
|
ServiceConfigManager |
The class ServiceConfigurationManager provides interfaces to manage the service's configuration data.
|
ServiceConfigProvider<C extends SelfServiceConsoleConfig> |
Provides self service config instances based of the passed console configuration instance.
|
ServiceConfigValidator |
This interface provides a means to validate an entire ServiceConfig 's attribute values together.
|
ServiceConfigValidatorV2 |
This interface provides a means to validate an entire ServiceConfig 's attribute values together.
|
ServiceDiscoveryChangeListener |
This interface defines the methods that a Service Discovery consumer should implement if it wishes to be notified of
changes in the service.
|
ServiceDiscoveryMechanism |
Maintains a set of Partition s keeping it up to date according to a specific discovery mechanism.
|
ServiceErrorException |
A sub-exception of SMSException for the ServiceConfigValidator .
|
ServiceInstance |
The class ServiceInstance provides methods to manage service's
instance variables.
|
ServiceInstanceUpdateHeader |
The ServiceInstanceUpdateHeader class represents
ServiceInstanceUpdate element defined in SOAP binding schema.
|
ServiceInstanceUpdateHeader.Credential |
The ServiceInstanceUpdateHeader.Credential class represents
Credential element in ServiceInstanceUpdate
element defined in SOAP binding schema.
|
ServiceListener |
The interface ServiceListener needs to be implemented by
applications in order to receive service data change notifications.
|
ServiceManager |
The ServiceManager class provides methods to register/remove
services and to list currently registered services.
|
ServiceNotFoundException |
The ServiceNotFoundException is thrown if the service does not
exist.
|
Services |
Class that represents API descriptor's Service Resource definitions.
|
Services.Builder |
Builder to help construct the Services.
|
ServiceSchema |
The class ServiceSchema provides interfaces to manage the
schema information of a service.
|
ServiceSchemaManager |
The class ServiceSchemaManager provides interfaces to manage
the service's schema.
|
ServiceUnavailableException |
An exception that is thrown during an operation on a resource when the server
is temporarily unable to handle the request.
|
ServiceUtils |
General utility class.
|
ServletJwtSessionModule |
A JASPI Servlet API Session Module which creates a JWT when securing the response from a successful authentication
and sets it as a Cookie on the response.
|
Session |
An interface for managing attributes across multiple requests from the same user agent.
|
SessionContext |
A SessionContext is a mechanism for maintaining state between components when processing a successive
requests from the same logical client or end-user.
|
SessionException |
This class is to handle Session related exceptions.
|
SessionIndex |
This class represents the SessionIndex element in
SAML protocol schema.
|
SessionInfo |
SessionInfo object represents information about an Oauth session.
|
SessionListener |
Interface used for session invalidation notification.
|
SessionManager |
Deprecated. |
SessionPropertyUpgrader |
This class is used in case of session upgrade for copying session properties
from the old session into the new one.
|
SessionProvider |
Interface used for creating sessions, and for accessing session
information.
|
SessionTimeoutHandler |
Implementation of this class gets executed every time when an SSO Session
times out (either idle or max timeout).
|
SetCookie2Header |
Deprecated, for removal: This API element is subject to removal in a future version.
|
SetCookieHeader |
Processes the Set-Cookie request message header.
|
SetCookieSupport |
Support class for generating Set-Cookie header values.
|
SetDecorator<E> |
Contains another set, which is uses as its basic source of data, possibly transforming the
data along the way.
|
SharedSecretOpenIdResolverImpl |
This class exists to allow functionality for those Open ID Connect providers which
supply their signatures through symmetric key algorithms (e.g.
|
SharedSecretProvider |
Provided as an extension point to allow customised transformation of the OATH shared secret attribute.
|
SharedStateConstants |
This class represents all the constants that can be used as keys for storing values in the tree's shared state.
|
ShutdownListener |
Any component which needs to be shut down should implement this interface
and use the function to shut down the component.
|
ShutdownManager |
Interface used by shutdown managers to allow for thread safe
adding and removing of shutdown listeners.
|
ShutdownPriority |
This class defines the shutdown priorities that are consumed by
com.sun.identity.common.ShutdownManager .
|
SignatureUtil |
Utility class for signing and verifying signatures.
|
SignedEncryptedJwsHeaderBuilder |
Deprecated.
|
SignedEncryptedJwt |
Deprecated.
|
SignedEncryptedJwtBuilder |
Deprecated.
|
SignedJwt |
A JWS implementation of the Jwt interface.
|
SignedJwtBuilder |
A base interface for both SignedJwtBuilder and SignedEncryptedJwtBuilder to create Signed JWTs and Signed and
Encrypted JWTs.
|
SignedJwtBuilderImpl |
An implementation of a JwtBuilder that can build a JWT and sign it, resulting in a SignedJwt object.
|
SignedThenEncryptedJwt |
A nested signed-then-encrypted JWT.
|
SignedThenEncryptedJwtBuilder |
Builder for nested signed-then-encrypted JWT.
|
SigningHandler |
The interface for SigningHandlers for all the different signing algorithms.
|
SigningKey |
A key that is used for signing digital signatures.
|
SigningManager |
A service to get the appropriate SigningHandler for a specific Java Cryptographic signing algorithm.
|
SimpleHttpClientRequest |
|
SimpleHttpClientResponse |
|
SimplePagedResultsControl |
The simple paged results request and response control as defined in RFC 2696.
|
SimpleSecretStoreProvider |
Provides instances of the commons secrets SecretStore without needing references to other secrets.
|
SingleAliasPurposeMappingValidator |
|
SingleOutcomeNode |
Abstract node for nodes that always result in the same single outcome.
|
SingleOutcomeNode.OutcomeProvider |
Provides a static single outcome for nodes with a single outcome.
|
SingletonProvider |
A marker annotation to indicate that the annotated class should be interpreted as an annotated CREST
singleton provider resource.
|
SingletonResourceProvider |
An implementation interface for resource providers which exposes a single
permanent resource instance.
|
SMSException |
The exception class whose instance is thrown if there is any error during the
operation of objects of the com.sun.identity.sms package.
|
SMSGateway |
Defines the ability to send SMS (Short Message Service) and e-mail via a gateway implementation.
|
SMSThreadPool |
The class SMSThreadPool provides interfaces to manage notification thread pools shared by idm and sm.
|
SnapshotTokenCallback |
Callback is invoked when a new snapshot token is created
just before requirements are returned to the client.
|
SnapshotTokenConfig |
|
SnapshotTokenHandlerFactory |
Factory for delivering snapshot token handlers.
|
SOAPBindingConstants |
This class contains all the constants used by the
Soapbinding classes.
|
SOAPBindingException |
The SOAPBindingException class represents a error while
processing SOAP request and response.
|
SOAPClientException |
An SOAPClientException is thrown when there are errors related
to JAXRPC and SOAP methods.
|
SOAPClientException |
An SOAPClientException is thrown when there are errors related
to JAXRPC and SOAP methods.
|
SOAPFault |
The SOAPFault class represents a SOAP Fault element.
|
SOAPFaultDetail |
The SOAPFaultDetail class represents the 'Detail' child element
of SOAP Fault element.
|
SOAPFaultException |
The SOAPFaultException class represents a SOAP Fault while
processing SOAP request.
|
SortKey |
A sort key which can be used to specify the order in which JSON resources
should be included in the results of a query request.
|
SortKey |
A search result sort key as defined in RFC 2891 is used to specify how search
result entries should be ordered.
|
SortKeyComparator |
This comparator iterates through the provided sortKeys and finds the first comparative difference between the left
and right side JsonValues.
|
SortKeyComparator.NullPosition |
Defines possible positions for JsonValue that wraps a null object.
|
SPAccountMapper |
The interface SPAccountMapper is used to identify the local identities that maps the SAML
protocol objects such as Assertion , ManageNameIDRequest etc.
|
SPAccountMapper |
The class PartnerAccountMapper is an interface
that is implemented to map partner account to user account
in OpenAM.
|
SPACSUtils |
This class is used by a service provider (SP) to process the response from
an identity provider for the SP's Assertion Consumer Service.
|
SPAttributeMapper |
This interface SPAttributeMapper is used to map the
SAML Attribute s to the local user attributes.
|
SPAttributeMapper |
This interface SPAttributeMapper is used to map the
SAML Attribute s to the local user attributes.
|
SPAuthnContextMapper |
The interface SPAuthnContextMapper.java determines
the Authentication Context to be set in the Authentication Request
and the Auth Level of an Authentication Context.
|
SslConnectionManager |
This interface exposes the key components necessary to establish secure HTTPS connections.
|
SslOptions |
Encapsulates options for configuring SSL based security as well as providing methods for building SSLEngine s.
|
SslOptions.ClientAuthPolicy |
Represents the client authentication policy option.
|
SslRxSocket |
A reactive socket implementation which adds SSL to an underlying reactive socket.
|
SSOException |
This SSOException is thrown when there are single sign on token
operation error.
|
SSOProviderImpl |
This final class SSOProviderImpl implements
SSOProvider interface and provides implementation of the methods
to create , destroy , check the validity of a single sign on token.
|
SSOToken |
The SSOToken class represents a "single sign on"(SSO) token.
|
SSOTokenEvent |
The SSOTokenEvent is an interface that represents an SSO token
event.The single sign on token event represents a change in
SSOToken .
|
SSOTokenID |
The SSOTokenID is an interface that is used to identify a single
sign on token object.
|
SSOTokenListener |
The SSOTokenListener interface needs to be implemented by the
applications to receive SSO token events.
|
SSOTokenListenersUnsupportedException |
|
SSOTokenManager |
SSOTokenManager is the final class that is the mediator between the SSO APIs
and SSO providers.
|
Stability |
Represents API stability.
|
StageConfig |
Represents the configuration for a given progress stage.
|
StageConfigException |
Represents some framework error around the use of progress stages and configs.
|
StageResponse |
Stage response represents a response from having invoked a progress stage.
|
StageResponse.Builder |
|
StageResponse.RequirementsBuilder |
Requirements builder allows for the definition of a snapshot token
callback, which gets invoked with just prior to requirements being
sent to the client.
|
StageUtils |
Utility class.
|
StartTlsExtendedRequest |
The start TLS extended request as defined in RFC 4511.
|
StartTlsExtendedResult |
The start tls extended result as defined in RFC 4511.
|
Statement |
The Statement element is an extension point that allows
other assertion-based applications to reuse the SAML assertion framework.
|
Statement |
The Statement element is an extension point that allows
other assertion-based applications to reuse the SAML assertion framework.
|
StaticOutcomeProvider |
Describes the outcomes for node instances that have static outcomes.
|
StaticServiceDiscoveryMechanism |
This mechanism only returns the list of servers in its configuration, without checking for availability.
|
Stats |
Allows a uniform interface to statistics information in a uniform format.
|
Status |
This class represents the StatusType complex type in
SAML protocol schema.
|
Status |
The Status element is a container of
one or more Status s issuded by authorization authority.
|
Status |
The status-code element is a three-digit integer code giving the
result of the attempt to understand and satisfy the request.
|
Status.Family |
The first digit of the status-code defines the class of response.
|
StatusCode |
This class represents the StatusCodeType complex type in
SAML protocol schema.
|
StatusCode |
The StatusCode element is a container of
one or more StatusCode s issuded by authorization authority.
|
StatusCodeImpl |
The StatusCode element is a container of
one or more StatusCode s issuded by authorization authority.
|
StatusDetail |
This class represents the StatusDetailType complex type in
SAML protocol schema.
|
StatusDetail |
The StatusCode element is a container of
one or more Status s issuded by authorization authority.
|
StatusDetailImpl |
The StatusCode element is a container of
one or more Status s issuded by authorization authority.
|
StatusImpl |
The Status element is a container of
one or more Status s issuded by authorization authority.
|
StatusMessage |
This class represents the StatusMessage element in
SAML protocol schema.
|
StatusMessage |
The StatusMessage element is a container of
one or more StatusMessage s issuded by authorization authority.
|
StatusMessageImpl |
The StatusMessage element is a container of
one or more StatusMessage s issuded by authorization authority.
|
StatusResponse |
This class represents the StatusResponseType complex type in
SAML protocol schema.
|
StorageType |
Indicates whether the service should operate in stateless or stateful mode.
|
Streams |
Utility methods for operating on IO streams.
|
StringOrURI |
This class provides an utility method for validating that a String is either an arbitrary string without any ":"
characters or if the String does contain a ":" character then the String is a valid URI.
|
Strings |
Common utility methods for Strings.
|
SubConfig |
Indicates that a method contains rich sub-configuration(s) of the parent configuration (or sub-configuration).
|
SubentriesRequestControl |
The sub-entries request control as defined in RFC 3672.
|
Subject |
Deprecated. |
Subject |
The Subject element specifies one or more subjects.
|
Subject |
The Subject specifies the principal that is the subject
of all of the statements in the assertion.
|
Subject |
The Subject element specifies information about a
subject of the Request context by listing a
sequence of Attribute elements associated with the
subject.
|
SubjectConfirmation |
The SubjectConfirmation element specifies a subject by specifying
data that authenticates the subject.
|
SubjectConfirmation |
The SubjectConfirmation provides the means for a relying
party to verify the correspondence of the subject of the assertion
with the party with whom the relying party is communicating.
|
SubjectConfirmationData |
The SubjectConfirmationData specifies additional data
that allows the subject to be confirmed or constrains the circumstances
under which the act of subject confirmation can take place.
|
SubjectDecision |
Class to represent EntitlementSubject evaluation match result and - if applicable - its advices.
|
SubjectImpl |
The Subject element specifies information about a
subject of the Request context by listing a
sequence of Attribute elements associated with the
subject.
|
SubjectLocality |
The SubjectLocality element specifies the DNS domain name
and IP address for the system entity that performed the authentication.
|
SubjectLocality |
The SubjectLocality element specifies the DNS domain name
and IP address for the system entity that performed the authentication.
|
SubjectProvider |
Defines the concerns of providing the Subject to be included in the generated SAML2 assertion.
|
SubjectQueryAbstract |
This class represents the SubjectQueryAbstractType complex type.
|
SubjectStatement |
The SubjectStatement element is an extension
point that allows other assertion-based applications to reuse the SAML
assertion framework.
|
SubjectTypeManager |
Deprecated.
|
SubResources |
Sub-resources of a resource are declared here.
|
SubResources.Builder |
Builder to help construct the SubResources.
|
SubscriptionHelper |
Utility methods to validate Subscriptions in the various onSubscribe calls.
|
SubstitutionContext |
|
SubstitutionException |
Exception thrown during substitution process.
|
SubstitutionService |
Substitute tokens in the source String with their resolved value.
|
SubtreeDeleteRequestControl |
The tree delete request control as defined in draft-armijo-ldap-treedelete.
|
Supplier<T,E extends Exception> |
A Supplier functional interface which can throw a checked Exception.
|
Supported |
This annotation marks AM APIs that are considered stable and should not change in minor releases (except possibly
when a security fix requires such change).
|
SupportedAll |
This annotation marks AM APIs that are considered stable and should not change in minor releases (except possibly
when a security fix requires such change).
|
SupportedEllipticCurve |
Enumerates all supported elliptic curve parameters for ESXXX signature formats.
|
SuspendedTextOutputCallback |
Suspended text output callback extends TextOutputCallback to allow a custom message to be displayed to the
user whilst informing the client that the current auth flow has been suspended.
|
SuspensionHandler |
This handler interface allows authentication nodes to suspend authentication and send a unique ID out of band to the
end-user.
|
SwitchableRxSocket<M> |
A reactive socket implementation which delegates to a replaceable delegate reactive socket.
|
SynchronousRequestHandler |
|
Syntax |
Deprecated.
|
Syntax |
This class defines a data structure for storing and interacting with an LDAP
syntaxes, which constrain the structure of attribute values stored in an LDAP
directory, and determine the representation of attribute and assertion values
transferred in the LDAP protocol.
|
Syntax.Builder |
A fluent API for incrementally constructing syntaxes.
|
SyntaxImpl |
This interface defines the set of methods and structures that must be
implemented to define a new attribute syntax.
|
SystemProperties |
This class provides functionality that allows single-point-of-access to all
related system properties.
|
SystemPropertyResolver |
A SystemPropertyResolver resolves a config token using system properties.
|
TaskDispatcher |
TaskDispatcher operates as the coordinator of asynchronous task processing in the CTS persistence layer.
|
TextArea |
An annotation which tags a configuration method as representing a large body of text which requires a larger input.
|
ThingsAccessAuditFilter |
Audit filter for capturing details about the things endpoint responses.
|
ThingsResource |
ThingsResource handles REST calls made to the things endpoint.
|
ThreadPool |
This thread pool maintains a number of threads that run the tasks from a task
queue one by one.
|
ThreadPoolSecretStore<T extends Secret> |
A secret store that wraps another secret store and performs all query operations in a background thread using a
thread pool.
|
Threads |
Common utility methods for Threads.
|
TimeoutResultException |
Thrown when the result code returned in a Result indicates that the Request
was aborted because it did not complete in the required time out period.
|
TimeoutScheduler |
|
TimeoutScheduler.TimeoutEventListener |
Listener on timeout events.
|
Title |
Annotation to define JSON Schema property's title.
|
Token |
A simple domain value responsible for modelling a Core Token Service Token.
|
Token |
Models a OAuth2 token.
|
TokenAdapter<T> |
Describes the ability to convert from one type of object into a Token and the
reverse operation of converting from a Token into the object of type T.
|
TokenBlobStrategy |
Responsible for selecting the appropriate algorithm for dealing with Token binary objects
prior to them being stored in the data store.
|
TokenBlobUtils |
Responsible for handling the encoding and decoding of the binary object format
the CTS Token.
|
TokenCreationException |
An instance of this exception is thrown for errors encountered during token creation.
|
TokenDeletionStrategy |
Is responsible for deleting expired tokens and performing any post-processing.
|
TokenFactory |
Creates a Token object that can then be stored into the CTS.
|
TokenFilter |
Describes a collection of filters which can be applied to the CTS query function
as part of a complex query.
|
TokenFilterBuilder |
|
TokenHandler |
Responsible for the validation, generation and parsing of tokens used for keying a JsonValue
representative of some state.
|
TokenHandlerException |
An exception generated by a TokenHandler on either creation, validation, or state extraction.
|
TokenIdGenerator |
In interface for objects that can generate an identifier for a token if the existing one is null.
|
TokenIntrospectionAccessTokenResolver |
|
TokenModifications |
Describes the possible modifications that can be applied as part of the CTSPersistentStore
patch operation.
|
TokenModifications.TokenModificationType |
Contains equivalent values for the ModificationType values.
|
TokenStorageAdapter |
Adapts the token to some activity against the connection type.
|
TokenStrategyFailedException |
Responsible for capturing the reason why a Token Blob Strategy failed.
|
TokenType |
Responsible for defining the available token types in the Core Token Service.
|
TokenTypeId |
Provides an extensible means of identifying a to-be-validated or to-be-provided token type.
|
TokenValidationException |
An instance of this exception is thrown for all errors related to token validation.
|
TrailerHeader |
A Header representation of the Trailer HTTP response header.
|
TransactionId |
TransactionId value should be unique per request coming from an external agent so that all events occurring in
response to the same external stimulus can be tied together.
|
TransactionIdContext |
|
TransactionIdHeader |
Processes the transactionId header used mainly for audit purpose.
|
TransactionIdInboundFilter |
|
TransactionIdOutboundFilter |
This filter aims to create a sub-transaction's id and inserts that value as a header of the request.
|
TransformedRxSocket<U,D> |
A reactive socket which wraps an underlying downstream reactive socket, providing opportunities to transform
transferred data or provide additional functionality.
|
TransformerException |
Signals that an error occurred while transforming an API Description to another format.
|
TranslateJsonSchema |
Iterates over each JsonValue node in the JsonValue structure and if it's a String marked for translation,
It replaces the String with a LocalizableString.
|
TreeContext |
A representation of the context of the current tree authentication process.
|
TreeHook |
A TreeHook encapsulates some functionality that should be executed at the end of a tree, after authentication.
|
TreeHook.Metadata |
Annotation that describes the metadata of the node.
|
TreeMapEntry |
An implementation of the Entry interface which uses a TreeMap for storing attributes.
|
TreeMetaData |
Meta data API to expose data concerning the evaluating tree, to nodes who care for that data.
|
TrustManagers |
This class contains methods for creating common types of trust manager.
|
UnavailableSecretReferenceException |
An exception that occured when a secret reference is not available.
|
UnbindRequest |
The Unbind operation allows a client to terminate an LDAP session.
|
UncategorizedException |
An exception that indicates that a failure is not directly known to the
system, and hence requires out-of-band knowledge or enhancements to determine
if a failure should be categorized as temporary or permanent.
|
UniqueItems |
Annotation to mark a JSON Schema array-items as unique.
|
UnknownRequest |
Wraps a message that the LdapServer was unable to decode because it did not recognize it.
|
UnknownRxTransportException |
Exception thrown when a transport implementation can't be found.
|
UnknownSchemaElementException |
Thrown when a schema query fails because the requested schema element could
not be found or is ambiguous.
|
UnmodifiableCollection |
An marker interface for tagging collection implementations as read-only.
|
UnrecognizedCriticalHeaderException |
|
UnsupportedMediaTypeException |
Indicates a 415 Unsupported Media Type response that the Content-Type of the request was not acceptable.
|
Update |
Indicates an CREST update method on an annotated POJO.
|
Update |
Class that represents the Create Operation type in API descriptor.
|
Update.Builder |
Builder to help construct Update.
|
UpdateRequest |
A request to update a JSON resource by replacing its existing content with new content.
|
UpgradeException |
This class is an extension point for all Upgrade related exceptions.
|
UpgradeUtils |
This class contains utilities to upgrade the service schema
configuration to be compatible with OpenAM.
|
UriRouterContext |
A Context which is created when a request has been routed.
|
UriRouterContext.Builder |
|
Uris |
Utility class for performing operations on universal resource identifiers.
|
URLValidator |
|
UsageDirectiveHeader |
The UsageDirectiveHeader class represents 'UsageDirective'
element defined in SOAP binding schema.
|
UserCodeGenerator |
Generator for OAuth2 User Codes.
|
UserDetailsConfig |
Configuration for the user details stage.
|
UserDetailsStage |
Stage is responsible for request a new user json representation.
|
UserIDGenerator |
An application implements a UserIDGenerator interface and
registers itself to the Core Authentication service so that authentication
modules can retrieve a list of auto-generated user IDs.
|
UserInfo |
Each instance will return the user subject that identifies a user on an auth server as well
as the entire raw profile that was retrieved when making a request to the user info endpoint.
|
UserInfoClaims |
Simple bean that contains the values of claims, and the scopes that
provisioned them (if any).
|
UserInfoClaimsPlugin |
A plugin or (extension point) that fetches the resource owners information based on an issued access token.
|
UserNamePasswordValidationException |
This class is for handling Exception that is thrown when the user name
password validation plugin is failed or any invalid characters detected in
user name.
|
UserPassword |
An encoded user password that contains a storage scheme and an encoded vaulue.
|
UserQueryConfig |
Configuration for the user query stage.
|
UserQueryStage |
Stage is responsible for querying the underlying service for a user based on the supplied query fields.
|
UserRegistrationConfig |
Configuration for the user registration stage.
|
UserRegistrationConsoleConfig |
Represents user registration console configuration.
|
UserRegistrationConsoleConfig.UserRegistrationBuilder |
|
UserRegistrationStage |
Stage is responsible for registering the user supplied data using the underlying service.
|
UserUpdateService |
A RequestHandler that proxies user requests to update the user's KBA answers.
|
Utils |
This class contains utility methods.
|
Utils |
This class provides utility methods to share common behaviour.
|
Utils |
This class provides utility functions.
|
Utils |
Deprecated.
|
ValidateActiveAccountConfig |
Configuration for the validate active account stage.
|
ValidateActiveAccountStage |
Stage is responsible for validating account status.
|
ValidationUtil |
API Descriptor model-validation utilities.
|
ValidValues |
Deprecated.
|
VaultCipher |
|
VaultConfig |
Encapsulates the common configuration required for Hashicorp Vault secret backends.
|
VaultConfig.Builder |
Builder object for Vault configuration settings.
|
VaultDatabaseCredentialsSecretStore |
A secret store that can fetch fresh database credentials from the Vault Database secret engine.
|
VaultKeyValueSecretStore |
|
VaultKeyValueSecretStore.SecretField |
|
VaultKeyValueSecretStore.SecretFieldDecoder |
Determines how a field in the Vault JSON response should be decoded into one or more fields on a
SecretBuilder object.
|
VaultMac |
|
VaultMac.HmacSha224 |
HMAC-SHA-224.
|
VaultMac.HmacSha256 |
HMAC-SHA-256.
|
VaultMac.HmacSha384 |
HMAC-SHA-384.
|
VaultMac.HmacSha512 |
HMAC-SHA-512.
|
VaultPkiSecretStore |
|
VaultSignature |
|
VaultSignature.EcdsaP256Sha256Signature |
ECDSA with SHA-256.
|
VaultSignature.EcdsaP384Sha384Signature |
ECDSA with SHA-384.
|
VaultSignature.EcdsaP521Sha512Signature |
ECDSA with SHA-512.
|
VaultSignature.Ed25519Signature |
Ed25519.
|
VaultSignature.GenericRsaPssSignature |
Generic RSA with PSS padding.
|
VaultSignature.RsaPkcs1Sha256Signature |
RSA with SHA-256 and PKCS#1 v1.5 padding.
|
VaultSignature.RsaPkcs1Sha384Signature |
RSA with SHA-384 and PKCS#1 v1.5 padding.
|
VaultSignature.RsaPkcs1Sha512Signature |
RSA with SHA-512 and PKCS#1 v1.5 padding.
|
VaultSignature.RsaPssSha256Signature |
RSA with SHA-256 and PSS padding.
|
VaultSignature.RsaPssSha384Signature |
RSA with SHA-384 and PSS padding.
|
VaultSignature.RsaPssSha512Signature |
RSA with SHA-512 and PSS padding.
|
VaultTransitProvider |
|
VaultTransitSecretStore |
Implements a store for cryptographic keys based on Vault's
transit engine, which implements
cryptography as a service.
|
VerificationKey |
A key used for verifying digital signatures.
|
VerifyEmailAccountConfig |
Configuration for the email account verification stage.
|
VerifyEmailAccountStage |
Having retrieved the email address from the context or in response to the initial requirements, verifies the
validity of the email address with the user who submitted the requirements via an email flow.
|
Version |
Represents some version in the form majorNumber.minorNumber,
for instance 2.4.
|
VersionedPath |
Class that represents versioned Resource s on an API descriptor path.
|
VersionedPath.Builder |
Builder to help construct the VersionedPath.
|
VirtualListViewRequestControl |
The virtual list view request control as defined in
draft-ietf-ldapext-ldapv3-vlv.
|
VirtualListViewResponseControl |
The virtual list view response control as defined in
draft-ietf-ldapext-ldapv3-vlv.
|
VisibleForTesting |
This annotation doesn't actually do anything, other than provide documentation of the fact that a function has
either been marked public, or package private in order for a test (somewhere physically distant in the system)
to compile.
|
Warning |
|
WarningHeader |
Processes the Warning message header.
|
WebtopParser |
XMLParser provides a way for applications to handle a hook into
applications and applications and its server.
|
WellKnownOpenIdConfigurationFactory |
This class creates JWKOpenIdResolverImpl's from a supplied
well-known open id configuration url.
|
WhoAmIExtendedRequest |
The who am I extended request as defined in RFC 4532.
|
WhoAmIExtendedResult |
The who am I extended result as defined in RFC 4532.
|
WithExampleSchema<T> |
Extension for CREST and OpenAPI schemas to express an example value.
|
WritePolicy |
Enum that represents the Schema write policies.
|
WSFederationException |
This class is an extension point for all WS-Federation related exceptions.
|
WwwAuthenticateHeader |
A Header representation of the WWW-Authenticate HTTP header.
|
WwwAuthenticateHeader.Challenge |
A single WWW-Authenticate challenge.
|
X509CertificateBuilder |
A class for building X509 certificates as described in RFC 5280.
|
X509CertificateBuilder.ExtendedKeyUsage |
An enumeration of extended key usages.
|
X509CertificateBuilder.KeyUsage |
An enumeration of key usages.
|
XACMLAuthzDecisionQuery |
The XACMLAuthzDecisionQuery element is a SAML Query that
extends SAML Protocol schema type RequestAbstractType .
|
XACMLAuthzDecisionQueryImpl |
The XACMLAuthzDecisionQueryImpl is an impelmentation
of XACMLAuthzDecisionQuery interface.
|
XACMLAuthzDecisionStatement |
XACMLAuthzDecisionStatement is an extension of
samlp:StatementAbstractType that is carried in a
SAML Assertion to convey xacml-context:Response
Schema:
|
XACMLConstants |
This interface defines constants common to all XACML elements.
|
XACMLException |
This class is an extension point for all XACML related exceptions.
|
XACMLQueryUtil |
This class provides methods to send or process AttributeQuery .
|
XACMLRequestProcessor |
This class provides the public API to process XACML context Request.
|
XACMLSDKUtils |
The XACMLSDKUtils contains utility methods for XACML 2.0
implementation.
|
XECUtils |
Utilities for handling XEC keys for X25519 and X448 ECDH key agreement.
|
XForwardedForHeader |
Processes the X-Forwarded-For message header.
|
XMLHandler |
This is a custom XML handler to load the dtds from the classpath This should
be used by all the xml parsing document builders to set the default entity
resolvers.
|
XmlSerializable |
Common super-interface for all SAML elements that can be serialized into XML.
|
XMLUtils |
Utility classes for handling XML.
|