Class SessionInfoFilter

  • All Implemented Interfaces:
    Filter

    public class SessionInfoFilter
    extends Object
    implements Filter
    This filter requests user session info from Access Management and stores it on the context for later use. Note that only session properties that are whitelisted in Access Management will be available.
     {
          "config": {
              "amService"             : AmService   [REQUIRED]
              "ssoToken"              : expression  [OPTIONAL - user token - defaults to iPlanetDirectoryPro cookie ]
          }
     }
     
     
    This heaplet adds an InsertSsoTokenHeaderFilter to set the SSO token header of this given user (REST API calls must present the session token, aka SSO Token, in an HTTP header as proof of authentication).

    The "session info" is saved in a SessionInfoContext.

    Example of use:

     {
          "name": "SessionInfo",
          "type": "SessionInfoFilter",
          "config": {
              "amService": "amService",
              "ssoToken": "${request.cookies['iPlanetDirectoryPro'][0].value}",
          }
      }
      
     
    • Constructor Detail

      • SessionInfoFilter

        public SessionInfoFilter​(SessionService sessionService,
                                 Expression<String> ssoToken)
        Creates a new OpenAM session info filter.
        Parameters:
        sessionService - The sessionService to use to retrieve session info.
        ssoToken - The SSO Token for the subject making the request.
    • Method Detail

      • filter

        public Promise<Response,​NeverThrowsException> filter​(Context context,
                                                                   Request request,
                                                                   Handler next)
        Description copied from interface: Filter
        Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).

        This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.

        Specified by:
        filter in interface Filter
        Parameters:
        context - The request context.
        request - The request.
        next - The next filter or handler in the chain to handle the request.
        Returns:
        A Promise representing the response to be returned to the client.