Package org.forgerock.openig.openam
package org.forgerock.openig.openam
Integration classes specifically for ForgeRock Access Management.
-
ClassDescriptionAbstract
Filter
base class providing policy condition advice support.This heaplet represents an instance of anAmService
that can shared amongst AM related filters such as theSingleSignOnFilter
and thePolicyEnforcementFilter
.ProvideAmServiceHeaplet
'sTypeDefinition
.ACapturedUserPasswordContext
to store the user's decrypted password.TheCapturedUserPasswordFilter
is responsible for retrieving the user password from AM and to decrypt it.Creates and initializes the filter in a heap environment.This filter handles any condition advices returned from AM during a policy evaluation, which one will depend on the policy.Context
implementation to maintain cross-domain SSO properties.Context
implementation to hold error details, should an error occur during cross-domain SSO authentication.This filter verifies the presence of a JWT authentication token in the configured cookie name: If the JWT is present then its validity is checked and the request is forwarded to the next handler. If the JWT is not present, then the user-agent is redirected to Access Management via its OAuth2 authorization endpoint, to obtain user authentication.Creates and initialises an authentication filter in a heap environment.Register all the aliases supported by the openig-openam module.APolicyDecisionContext
convey policy decision information to downstream filters and handlers.This filter requests policy decisions from Access Management which evaluates the original URI based on the context and the policies configured, and according to the decisions, allows or denies the current request.Creates and initializes a policy enforcement filter in a heap environment.TheRequestResourceUriProvider
has the following configuration:Creates and initializes a RequestResourceUriProvider in a heap environment.Used to obtain the resource URI to include in policy requests.A scriptable resource URI provider.Creates and initializes a scriptable resource url provider in a heap environment.Context
to store Access Management session info and properties.This filter requests user session info from Access Management and stores it on the context for later use.Creates and initialises a session info filter in a heap environment.This filter verifies the presence of a SSOToken in the given cookie name.Creates and initialises an authentication filter in a heap environment.ProvideSingleSignOnFilter
'sTypeDefinition
.TheSsoTokenContext
provides access to the token and user information related to this session.AStsContext
convey the token transformation results to downstream filters and handlers.ATokenTransformationFilter
is responsible for transforming a token issued by Access Management into a token of another type.Creates and initializes a token transformation filter in a heap environment.Used by theUserProfileFilter
to make the user's profile attributes available in the context.This filter requests user profile attributes from Access Management and stores them in the context for later use.Creates and initialises aUserProfileFilter
in a heap environment.Creates and initializes aUserProfileService
in a heap environment.