Home > Identity Manager, SAML, Security > Java Sample Client – Oracle Access Manager API – OAMAuthnCookie Validator

Java Sample Client – Oracle Access Manager API – OAMAuthnCookie Validator


Here is a sample Java Client code that validates the OAMAuthnCookie token. It performs 2 steps:

  1. Checks whether passed in OAMAuthnCookie token is valid and not expired
  2. Retrieves username for given OAMAuthnCookie token

OAMAuthnCookie can be found inside cookies of a browser. In the below Java client you need to put the value of OAMAuthnCookie inside the getUserNameFromToken() sessionToken.

 

package com.oam.test;

import java.util.Hashtable;

import oracle.security.am.asdk.AccessClient;
import oracle.security.am.asdk.AccessException;
import oracle.security.am.asdk.AuthenticationScheme;
import oracle.security.am.asdk.ResourceRequest;
import oracle.security.am.asdk.UserSession;

/**
 * This class is a sample to extract OAM Session cookie for authenticated user
 * and to extract userid for given OAM Session token
 * 
 * @author Karun
 * 
 */
public class OAMSessionCookieValidate {
    public static final String ms_resource = "//<STS IP>:7777/atest/index.jsp";

    public static final String ms_protocol = "http";
    public static final String ms_method = "GET";
    public static final String ms_login = "weblogic";
    public static final String ms_passwd = "<password>";
    public static final String m_configLocation = "D:\\Installables\\ofm_oam_sdk_generic_11.1.2.2.0_disk1_1of1";

    public static void main(String args[]) {
        AccessClient ac = null;
        try {
            System.out.println("Entered Try..");
            ac = AccessClient.createDefaultInstance(m_configLocation,
                    AccessClient.CompatibilityMode.OAM_10G);

            // ac = AccessClient.createDefaultInstance(m_configLocation);
            System.out.println("Created Default Instance.." + ac);
            ResourceRequest rrq = new ResourceRequest(ms_protocol, ms_resource,
                    ms_method);
            System.out.println("Created Resource Request object.." + rrq);
            String sessionToken = null;
            if (rrq.isProtected()) {
                System.out.println("Resource is protected.");
                AuthenticationScheme authnScheme = new AuthenticationScheme(rrq);
                System.out.println("Athentication Scheme:"
                        + authnScheme.isBasic());
                if (authnScheme.isBasic()) {
                    System.out.println("Basic Authentication Scheme.");
                    Hashtable creds = new Hashtable();
                    creds.put("userid", ms_login);
                    creds.put("password", ms_passwd);
                    UserSession session = new UserSession(rrq, creds);
                    if (session.getStatus() == UserSession.LOGGEDIN) {
                        if (session.isAuthorized(rrq)) {
                            System.out
                                    .println("User is logged in and authorized for the"
                                            + "request at level "
                                            + session.getLevel());
                            System.out.println("User Identity:"
                                    + session.getUserIdentity());
                            System.out
                                    .println("Status: " + session.getStatus());
                            System.out.println("Start time:"
                                    + session.getStartTime());
                            sessionToken = session.getSessionToken();
                            System.out.println("Session Token:" + sessionToken);
                            System.out.println("Last Usetime:"
                                    + session.getLastUseTime());

                            String userName = getUserNameFromToken(sessionToken);
                            System.out.println("Username*****=" + userName);

                        } else {
                            System.out
                                    .println("User is logged in but NOT authorized");
                        }
                        // user can be loggedout by calling logoff method on the
                        // session object
                    } else {
                        System.out.println("User is NOT logged in");
                    }
                } else {
                    System.out.println("non-Basic Authentication Scheme.");
                }
            } else {
                System.out.println("Resource is NOT protected.");
            }
        } catch (AccessException ae) {
            System.out.println("Access Exception: " + ae.getCause());
            ae.printStackTrace();
        } catch (Exception e) {
            e.printStackTrace();
        }
        if (ac != null)
            ac.shutdown();
    }

    public static String getUserNameFromToken(String sessionToken)
            throws AccessException {
        String userName = null;
        sessionToken = "rHt95P4PrMP2k%2FG%2BxydisWbDdtbjKoIjHgL7sRVtIwDy6DBbP7WSzyrHxQs%2FIYfNe7QTXw%2Fruw6873smWJppdy8ooAAIqcJLj7BocSlV%2FUBdXVUhJWaySY%2BOrbRMaolMpe6lzwtOcsvSpxZ6fMdH976JYlsYJapNr%2FgC7HvONAUJD%2BwPwryFXrQ6%2F0zqrxsPGGztiPy%2BbC9N%2BwcDbPmZUzcfQksmF6%2BPRvZ4Gbi%2FDUKuxz8kBPYIOphaLIZ2BkWTo6kXwOuXMDP4mwF25%2FCHECk03uNZVOTYza%2BBOmzl52JykyABehI0M1xvLjutJ0NBm0Oz9fUZzKGByb31kNYMD2ltQfjKS271HBh37NlLa%2FQ42oTRDtg2HZQUgeyruRmpdSSDlLzq2NPEDB8oHbxADBKLOzrRWkdDEGv63TVb2LLS5LyCGUwRiPqbPHFz1hWoGNS34uoW1Lh1rglWEcLH%2F7Pc9HSCNDI2D9IGw57vKopbw2FIPl64wbOt8TY06uYz";
        UserSession session = new UserSession(sessionToken);
        userName = session.getUserIdentity();
        if (userName != null) {
            userName = userName.substring(userName.indexOf("uid=") + 4,
                    userName.indexOf(","));
        }
        return userName;
    }
}
Advertisements
  1. seshadri
    April 3, 2017 at 10:47 PM

    Hi,
    How can we encrypt the session token in oam

    Like

  2. seshadri
    April 3, 2017 at 10:49 PM

    Hi ,
    For encrypting session token , we need use any or any command .

    please provide any solution .

    Thanks,
    Seshadri c

    Like

  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: