Class AmSessionIdleTimeoutFilter
java.lang.Object
org.forgerock.openig.openam.session.AmSessionIdleTimeoutFilter
- All Implemented Interfaces:
Filter
This filter will track the AM sessions (stateless or stateful) and will revoke them if their idle timeout goes
over a defined limit.
Configuration options:
"amService": AmService [REQUIRED]
"idleTimeout": duration [REQUIRED - The maximum duration after a session is considered
as timed out.]
"sessionToken": expression<string> [OPTIONAL - Where to find the user's session token.
Defaults to the AM session cookie.]
"removeAmSessionFilter": Filter [OPTIONAL - A filter to remove the AM session details from the
request when the session is no longer valid.
Defaults to a filter that removes the AM Session
cookie based on the AM session cookie name.]
"idleTimeoutUpdate": enum [OPTIONAL - The strategy to use to update the idle timeout:
- ALWAYS (default)
- NEVER
- INCREASE_ONLY
- DECREASE_ONLY ]
"secretsProvider": SecretsProvider [OPTIONAL - The secrets provider used to obtain secrets.
If missing, a random key will be generated.]
"encryptionSecretId": SecretId [OPTIONAL - The secret ID of the encryption key
used to perform authenticated encryption on the JWT.]
"encryptionMethod": enum [OPTIONAL - The standard name of the encryption method
to use with Authenticated Encryption.
See RFC 7518#section-5.1 See (1).
Defaults to A256GCM.]
"cookie": { object [OPTIONAL - The structure describing the properties of the
activity tracking cookie: ]
"name": string [OPTIONAL - Name of cookie containing the activity marker.
Defaults to "x-ig-activity-tracker".]
"domain": string [OPTIONAL - Domain that cookie is applicable to. If not set,
the cookie will be treated as a host-based cookie]
"path": string [OPTIONAL - Path to apply to the cookie.
Defaults to {@literal "/" }]
"secure": boolean [OPTIONAL - Determines if the cookie should be set to be
secure. Defaults to {@code false}.]
"httpOnly": boolean [OPTIONAL - httpOnly flag. Defaults to {@code true}.]
"sameSite": enum [OPTIONAL - STRICT, NONE or LAX. Defaults to {@code null}.]
}
-
Nested Class Summary
Modifier and TypeClassDescriptionstatic class
This class is responsible of creating theAmSessionIdleTimeoutFilter
heap object. -
Method Summary
-
Method Details
-
filter
public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next) Description copied from interface:Filter
Filters the request and/or response of an exchange. To pass the request to the next filter or handler in the chain, the filter callsnext.handle(context, request)
.This method may elect not to pass the request to the next filter or handler, and instead handle the request itself. It can achieve this by merely avoiding a call to
next.handle(context, request)
and creating its own response object. The filter is also at liberty to replace a response with another of its own by intercepting the response returned by the next handler.
-