Class AmSessionIdleTimeoutFilter

  • All Implemented Interfaces:
    Filter

    public class AmSessionIdleTimeoutFilter
    extends Object
    implements Filter
    This filter tracks AM sessions (stateless or stateful) and revokes them when their idle time exceeds a defined limit.

    Configuration options:

     
             "amService":          AmService           [REQUIRED]
             "idleTimeout":        duration            [REQUIRED - The maximum duration after which a session is
                                                                   considered timed out.]
             "sessionToken":       expression<string>  [OPTIONAL - Where to find the user's session token.
                                                                   Defaults to AM session cookie name.]
             "idleTimeoutUpdate":  enum                [OPTIONAL - The strategy to use to update the idle timeout:
                                                                   - ALWAYS (default)
                                                                   - NEVER
                                                                   - INCREASE_ONLY
                                                                   - DECREASE_ONLY ]
             "secretsProvider":    SecretsProvider     [OPTIONAL - The secrets provider used to obtain secrets.
                                                                  If missing, a random key will be generated.]
             "encryptionSecretId": SecretId            [OPTIONAL - The secret ID of the encryption key
                                                                  used to perform authenticated encryption on the JWT.]
             "encryptionMethod":   enum                [OPTIONAL - The standard name of the encryption method
                                                                   to use with Authenticated Encryption.
                                                                   See RFC 7518#section-5.1.
                                                                   Defaults to A256GCM.]
             "cookie": {         object                [OPTIONAL - The structure describing the properties of the
                                                                   activity tracking cookie: ]
               "name":             string       [OPTIONAL - Name of cookie containing the activity marker.
                                                            Defaults to "x-ig-activity-tracker".]
               "domain":           string       [OPTIONAL - Domain that cookie is applicable to. If not set,
                                                            the cookie will be treated as a host-based cookie]
               "path":             string       [OPTIONAL - Path to apply to the cookie.
                                                            Defaults to "/".]
               "secure":           boolean      [OPTIONAL - Determines if the cookie should be set to be
                                                            secure. Defaults to false.]
               "httpOnly":         boolean      [OPTIONAL - httpOnly flag. Defaults to true.]
               "sameSite":         enum         [OPTIONAL - STRICT, NONE or LAX. Defaults to null.]
             }
     
     
    See Also:
    Encryption Algorithms for JWE, EncryptionMethod
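
    An added example, not part of the IG documentation or code base: a small Python check that reads a filter "config" object against the option table above and reports missing required options plus key and cookie settings left at their weaker defaults. The heap object names, the secret ID and the "15 minutes" duration in the sample configs are assumptions made for illustration.

```python
import json

# Option names, enum values and defaults come from the configuration table above.
UPDATE_STRATEGIES = {"ALWAYS", "NEVER", "INCREASE_ONLY", "DECREASE_ONLY"}
SAME_SITE = {"STRICT", "NONE", "LAX"}


def review(config):
    """Return (errors, warnings) for one AmSessionIdleTimeoutFilter "config" object."""
    errors, warnings = [], []
    for key in ("amService", "idleTimeout"):
        if key not in config:
            errors.append(f"missing required option: {key}")
    if config.get("idleTimeoutUpdate", "ALWAYS") not in UPDATE_STRATEGIES:
        errors.append("idleTimeoutUpdate is not a documented strategy")
    if "secretsProvider" not in config:
        warnings.append("no secretsProvider: a random encryption key is generated")
    cookie = config.get("cookie", {})
    secure = cookie.get("secure", False)      # documented default: false
    if not secure:
        warnings.append("cookie.secure is false")
    if not cookie.get("httpOnly", True):      # documented default: true
        warnings.append("cookie.httpOnly is false")
    same_site = cookie.get("sameSite")        # documented default: null
    if same_site is None:
        warnings.append("cookie.sameSite is unset")
    elif same_site not in SAME_SITE:
        errors.append("cookie.sameSite must be STRICT, NONE or LAX")
    elif same_site == "NONE" and not secure:
        warnings.append("cookie.sameSite NONE without secure: modern browsers drop it")
    return errors, warnings


# Constructed sample configs; "AmService-1", "SecretsProvider-1", the secret ID
# and the "15 minutes" value are hypothetical and chosen for this example only.
DEFAULTS_ONLY = json.loads('{"amService": "AmService-1", "idleTimeout": "15 minutes"}')
HARDENED = json.loads("""{
  "amService": "AmService-1",
  "idleTimeout": "15 minutes",
  "idleTimeoutUpdate": "ALWAYS",
  "secretsProvider": "SecretsProvider-1",
  "encryptionSecretId": "idle.timeout.encryption.key",
  "encryptionMethod": "A256GCM",
  "cookie": {"secure": true, "httpOnly": true, "sameSite": "STRICT"}
}""")

if __name__ == "__main__":
    for name, cfg in (("defaults only", DEFAULTS_ONLY), ("hardened", HARDENED)):
        print(name, review(cfg))
```

    A configuration that sets only the two required options passes validation but leaves the activity tracking cookie without the secure flag or a sameSite policy, and encrypts it with a generated key.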
    • Method Detail

      • filter

        public Promise<Response,NeverThrowsException> filter(Context context,
                                                                   Request request,
                                                                   Handler next)
        Description copied from interface: Filter
        Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter calls next.handle(context, request).

        This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to next.handle(context, request) and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.

        Specified by:
        filter in interface Filter
        Parameters:
        context - The request context.
        request - The request.
        next - The next filter or handler in the chain to handle the request.
        Returns:
        A Promise representing the response to be returned to the client.