Package ch.ivyteam.ivy.security

Interface ISession

All Superinterfaces:
IAttributeStore<Object>, IUserToken
All Known Subinterfaces:
IWorkflowSession
public interface ISession extends IUserToken, IAttributeStore<Object>
A session holds information about a user who interacts with ivy. The session offers access to session attributes via the IAttributeStore interface. Please note that those attributes are no longer available, once the session has been destroyed.

Note: Sessions are attached to a cluster node. All Operations on ISession are limited to one cluster node and do not consider session on other cluster nodes. This must be considered specially for the methods.

If you need information about all Sessions in a cluster use ISecurityContext.sessions() and ISessionRepository.clusterSnapshot()

Since:
17.05.2006
API:
This is a public API.

  • Method Details

    • getIdentifier

      int getIdentifier()
      Returns the session identifier
      Returns:
      session identifier
      API:
      This public API is available in Java.

    • isSessionUserUnknown

      boolean isSessionUserUnknown()
      If this session is anonymous (e.g., no user has been authenticated within the session) then the session user is unknown. If a user has been authenticated within the session, then the session user is known.
      Returns:
      true if session user is unknown (anonymous session)
      Throws:
      PersistencyException - if persistency access fails
      See Also:
      API:
      This public API is available in Java.

    • isSessionUserSystemUser

      boolean isSessionUserSystemUser()
      Returns true if the current session user is the System User.
      Returns:
      true if the current session user is the System User.
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • getSessionUser

      IUser getSessionUser()
      Returns the session user or null if no user has been authenticated within the session (e.g., an anonymous session)
      Returns:
      session user or null if no user has been authenticated within the session
      Throws:
      PersistencyException - if persistency access fails
      See Also:
      API:
      This public API is available in Java.

    • assignRole

      void assignRole(IRole role)
      Assigns a role to the session.
      Parameters:
      role - The role to assign
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionAssignRole PERMISSION OR OWNS SessionAssignRole@SYSTEM PERMISSION

    • checkPassword

      boolean checkPassword(String password)
      Verifies the current user's password. This method will only work if the session user is a wellknown user since unknown users don't have a password
      Parameters:
      password - The password to be checked
      Returns:
      true if the specified password is correct for the currently logged on user, false otherwise
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • loginSessionUser

      default boolean loginSessionUser(String userName, String password)
      Logs in the session user if authentication is successful.

      In case of success the user is assigned to the session. Which means the session user changes from unknown to a wellknown user. If there is already a user authenticated within the session, then the old user is logged out after successful authentication of the new user (unless it is the same user, in which case no logout is performed).

      See logoutSessionUser for a description what happens during logout. When the logout is performed, all running tasks of this session are reset, except the current running one.

      If authentication is not not successful, the method will return false

      Parameters:
      userName - The name of the user
      password - The password of the user
      Returns:
      true if login was successful, false otherwise
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • loginSessionUser

      boolean loginSessionUser(String userName, String password, long currentTaskId)
      Logs in the session user if authentication is successful.

      In case of success the user is assigned to the session. Which means the session user changes from unknown to a wellknown user. If there is already a user authenticated within the session, the user is logged out before authentication of the new user is performed. See logoutSessionUser for a description what happens during logout. When the logout is performed, all running tasks of this session are reset, expect the one with the current Task ID.

      If authentication is not not successful, the method will return false

      Parameters:
      userName - The name of the user
      password - The password of the user
      currentTaskId - The ID of the current task
      Returns:
      true if login was successful, false otherwise
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • logoutSessionUser

      default void logoutSessionUser()
      Logs the session user out of this session. The session user is afterwards unknown. All task which the user has resumed so far are reset, except the current running one. To login a session user use the method authenticateSessionUser
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • logoutSessionUser

      void logoutSessionUser(long currentTaskId)
      Logs the session user out of this session. The session user is afterwards unknown. All task which the user has resumed so far are reset except the current task with the given ID. To login a session user use the method authenticateSessionUser
      Parameters:
      currentTaskId - The current Task ID
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • getSecurityContext

      ISecurityContext getSecurityContext()
      Gets the security context
      Returns:
      security context
      API:
      This public API is available in Java.

    • isAbsent

      boolean isAbsent()
      Is the session user currently absent
      Returns:
      true if it is absent, otherwise false
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadAbsent PERMISSION OR OWNS SessionReadAbsent@SYSTEM PERMISSION

    • hasActiveSubstitutions

      boolean hasActiveSubstitutions()
      Returns true if this session is an active substitution for other users (at least one). Active means the substituted user(s) is (are) absent, so that this session acts as substitute for that (those) users.
      Returns:
      true if session is an active subsitution, otherwise false.
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadActiveSubstitutions PERMISSION OR OWNS SessionReadActiveSubstitutions@SYSTEM PERMISSION

    • getActiveSubstitutions

      List<IUserSubstitute> getActiveSubstitutions()
      Gets the active substitutions
      Returns:
      DataSet with the active substitutions
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadActiveSubstitutions PERMISSION OR OWNS SessionReadActiveSubstitutions@SYSTEM PERMISSION

    • getClusterNode

      String getClusterNode()
      Gets the cluster node the session is running (task state RESUMED) on
      Returns:
      the name of the cluster node the session is running (task state RESUMED) on
      API:
      This public API is available in Java.

    • isMemberThroughActiveSubstitution

      boolean isMemberThroughActiveSubstitution(String securityMemberName)
      Returns true if the current user is member of the security member name because of active substitution that substitutes him as the security member. If the security mamber is a role that the current user owns for himself or is himself the method return false.
      Parameters:
      securityMemberName - the security mamaber name
      Returns:
      true if he is a member of an active substitution, otherwise false.
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadIsMemberThroughActiveSubstitution PERMISSION OR OWNS SessionReadIsMemberThroughActiveSubstitution@SYSTEM PERMISSION

    • isMemberThroughActiveSubstitution

      boolean isMemberThroughActiveSubstitution(ISecurityMember securityMember)
      Returns true if the current user is member of the security member because of active substitution that substitutes him as the security member. If the security mamber is a role that the current user owns for himself or is himself the method return false.
      Parameters:
      securityMember - the security mamaber
      Returns:
      true if he is a member of an active substitution, otherwise false.
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadIsMemberThroughActiveSubstitution PERMISSION OR OWNS SessionReadIsMemberThroughActiveSubstitution@SYSTEM PERMISSION

    • getMySessions

      List<ISession> getMySessions()
      Gets all other session where the current session user is also logged in. Sessions from other cluster nodes are NOT contained in the result
      Returns:
      DataSet with my sessions
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadAllMySessions PERMISSION OR OWNS SessionReadAllMySessions@SYSTEM PERMISSION

    • hasMoreThanOneSession

      boolean hasMoreThanOneSession()
      Returns true if the session user is logged into more than one session. This method does NOT consider sessions on other cluster nodes
      Returns:
      true if user is logged into more than one session, otherwise false
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.
      Security:
      SESSION MATCHES THIS OR OWNS SessionReadAllMySessions PERMISSION OR OWNS SessionReadAllMySessions@SYSTEM PERMISSION

    • hasPermission

      boolean hasPermission(ISecurityDescriptor securityDescriptor, IPermission permission)
      Checks if the current session has a certain permission on the security descriptor
      Parameters:
      securityDescriptor - the security descriptor to check for the permission
      permission - the identifier of the permission to check
      Returns:
      true if sesion has permission, otherwise false
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • checkPermission

      void checkPermission(ISecurityDescriptor securityDescriptor, IPermission permission)
      Checks if the current session has a certain permission on the security descriptor
      Parameters:
      securityDescriptor - the security descriptor to check for the permission
      permission - the permission to check
      Throws:
      PersistencyException - if persistency access fails
      API:
      This public API is available in Java.

    • getSessionUserName

      String getSessionUserName()
      Gets the user name of the session user or if no user has been authenticated within the session returns "Unknown User (Session ###)" where ### stands for the session identifier.
      Returns:
      session user name. Never null.
      Throws:
      PersistencyException - if persistency access fails
      See Also:
      API:
      This public API is available in Java.

    • setContentLocale

      void setContentLocale(Locale contentLocale)
      Sets the locale (language and country) to use for the look up of content objects from the CMS. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
      Parameters:
      contentLocale - the language and country to use for the look up of content objects from the CMS, or null to reset the setting.
      API:
      This public API is available in Java.

    • setContentLocale

      default void setContentLocale(String language, String country)
      Sets the locale (language and country) to use for the look up of content objects from the CMS. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS. Construct a locale from language, country. NOTE: ISO 639 is not a stable standard; some of the language codes it defines (specifically iw, ji, and in) have changed. This constructor accepts both the old codes (iw, ji, and in) and the new codes (he, yi, and id), but all other API on Locale will return only the OLD codes.
      Parameters:
      language - two-letter ISO-639-1 code
      country - two-letter ISO-3166 code
      Throws:
      NullPointerException - thrown if either argument is null
      API:
      This public API is available in Java.

    • getContentLocale

      Locale getContentLocale()
      Returns the current language and country to use for the look up of content objects from the CMS. If no user settings are made by calling the setContentLocale(...) method, then the ivy Engine uses the client browser and client OS settings to evaluate the current locale.
      Returns:
      the current locale to use for the look up of content objects from the CMS.
      API:
      This public API is available in Java.

    • setFormattingLocale

      void setFormattingLocale(Locale formattingLocale)
      Sets the locale (language and country) to use for the formatting of Date, Time and Numbers. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
      Parameters:
      formattingLocale - the language and country to use for the formatting of Date, Time and Numbers, or null to reset the setting.
      API:
      This public API is available in Java.

    • setFormattingLocale

      default void setFormattingLocale(String language, String country)
      Sets the locale (language and country) to use for the formatting of Date, Time and Numbers. This value overrides the locale computed by the ivy Engine depending on the client browser and client OS.
      Parameters:
      language - two-letter ISO-639-1 code
      country - two-letter ISO-3166 code
      Throws:
      NullPointerException - thrown if either argument is null
      API:
      This public API is available in Java.

    • getFormattingLocale

      Locale getFormattingLocale()
      Returns the current language and country to use for the formatting of Date, Time and Numbers. If no user settings are made by calling the setFormattingLocale(...) method, then the ivy Engine uses the client browser and client OS settings to evaluate the current locale.
      Returns:
      the current locale to use for the formatting of Date, Time and Numbers.
      API:
      This public API is available in Java.

    • current

      static ISession current()

      Gets the current session.

      Will return null if called out of scope. The scope is set if you call this method from an ivy process or any supported ivy environment. It is not set in non supported ivy environments (e.g. if you start your own threads, etc.).

      Returns:
      current session or null if out of scope
      Since:
      9.1
      API:
      This public API is available in Java.