Class AcrStore

  • public class AcrStore
    extends Object
    CRUD data in the authentication session, which are related to step-up authentication
    Marek Posolda
    • Method Detail

      • isLevelOfAuthenticationForced

        public boolean isLevelOfAuthenticationForced()
      • getRequestedLevelOfAuthentication

        public int getRequestedLevelOfAuthentication()
      • isLevelOfAuthenticationSatisfiedFromCurrentAuthentication

        public boolean isLevelOfAuthenticationSatisfiedFromCurrentAuthentication()
      • isLevelAuthenticatedInPreviousAuth

        public boolean isLevelAuthenticatedInPreviousAuth​(int level,
                                                          int maxAge)
        level - level of authentication
        maxAge - maxAge for which this level is considered valid
        True if the particular level was already authenticated before in this userSession and is still valid
      • getLevelOfAuthenticationFromCurrentAuthentication

        public int getLevelOfAuthenticationFromCurrentAuthentication()
        return level, which was either: - directly authenticated in current authentication - or was already verified that can be re-used from previous authentication
        see above
      • setLevelAuthenticated

        public void setLevelAuthenticated​(int level)
        Save authenticated level to authenticationSession (for current authentication) and loa map (for future authentications)
        level - level to save
      • setLevelAuthenticatedToCurrentRequest

        public void setLevelAuthenticatedToCurrentRequest​(int level)
        Set level to the current authentication session
        level - , which was authenticated by user
      • getHighestAuthenticatedLevelFromPreviousAuthentication

        public int getHighestAuthenticatedLevelFromPreviousAuthentication()
        highest authenticated level from previous authentication, which is still valid (not yet expired)