SP adapter scripting API

The SP adapter script is a legacy script and therefore has access to all the legacy common bindings in addition to those described here.

Binding Description

Binding	Description
`authnRequest`	The original authentication request sent from the SP. Only available to single sign-on functions. Refer to AuthnRequest.
`binding`	The binding used for the name identifier request: `urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect` or `urn:oasis:names:tc:SAML:2.0:bindings:SOAP` Not available to single sign-on functions.
`failureCode`	The failure code associated with the error that has occurred. For possible values, refer to SPAdapter. Only available to `preSendFailureResponse`.
`hostedEntityId`	The entity ID for the hosted SP.
`idpEntityID`	The entity ID for the IDP that sends the sign-on request.
`idRequest`	The ManageNameIDRequest object for the name identifier request. Only available to `postNewNameIDSuccess` and `postTerminateNameIDSuccess`.
`idResponse`	The ManageNameIDResponse object for the name identifier request. Only available to `postNewNameIDSuccess` and `postTerminateNameIDSuccess`.
`isFederation`	A boolean indicating whether federation is True if using federation, otherwise false. Only available to the `postSingleSignOnSuccess` function.
`logoutRequest`	The single logout LogoutRequest. Only available to `preSingleLogoutProcess` and `postSingleLogoutProcess`.
`logoutResponse`	The single logout LogoutResponse. Only available to `preSingleLogoutProcess` and `postSingleLogoutProcess`.
`out`	The PrintWriter for writing to. Only available to `postSingleSignOnSuccess`.
`profile`	The protocol profile used: `urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST`, `urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact` or `urn:oasis:names:tc:SAML:2.0:bindings:PAOS`. Available to `preSingleSignOnProcess`, `postSingleSignOnSuccess`, and `postSingleSignOnFailure`.
`request`	The HttpServletRequest object. Always present.
`response`	The HttpServletResponse object. Always present.
`session`	Only available to `postSingleSignOnSuccess`. Contains a representation of the user’s single sign-on session object. Refer to the SSOToken interface for information about SSO token and authentication information, as well as session-related properties.
`spAdapterScriptHelper`	The SpAdapterScriptHelper instance contains supporting methods that provide context information when customizing the SP adapter plugin points. Always present.
`ssoResponse`	The SSO Response received from the Identity Provider. Available to `preSingleSignOnProcess`, `postSingleSignOnSuccess`, and `postSingleSignOnFailure`.
`userId`	The unique universal ID of the user associated with the request. Not available to single sign-on functions.

authnRequest

The original authentication request sent from the SP.

Only available to single sign-on functions.

Refer to AuthnRequest.

binding

The binding used for the name identifier request: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Redirect or urn:oasis:names:tc:SAML:2.0:bindings:SOAP

Not available to single sign-on functions.

failureCode

The failure code associated with the error that has occurred. For possible values, refer to SPAdapter.

Only available to preSendFailureResponse.

hostedEntityId

The entity ID for the hosted SP.

idpEntityID

The entity ID for the IDP that sends the sign-on request.

idRequest

The ManageNameIDRequest object for the name identifier request.

Only available to postNewNameIDSuccess and postTerminateNameIDSuccess.

idResponse

The ManageNameIDResponse object for the name identifier request.

Only available to postNewNameIDSuccess and postTerminateNameIDSuccess.

isFederation

A boolean indicating whether federation is True if using federation, otherwise false.

Only available to the postSingleSignOnSuccess function.

logoutRequest

The single logout LogoutRequest.

Only available to preSingleLogoutProcess and postSingleLogoutProcess.

logoutResponse

The single logout LogoutResponse.

Only available to preSingleLogoutProcess and postSingleLogoutProcess.

out

The PrintWriter for writing to.

Only available to postSingleSignOnSuccess.

profile

The protocol profile used: urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST, urn:oasis:names:tc:SAML:2.0:bindings:HTTP-Artifact or urn:oasis:names:tc:SAML:2.0:bindings:PAOS.

Available to preSingleSignOnProcess, postSingleSignOnSuccess, and postSingleSignOnFailure.

request

The HttpServletRequest object.

Always present.

response

The HttpServletResponse object.

Always present.

session

Only available to postSingleSignOnSuccess.

Contains a representation of the user’s single sign-on session object. Refer to the SSOToken interface for information about SSO token and authentication information, as well as session-related properties.

spAdapterScriptHelper

The SpAdapterScriptHelper instance contains supporting methods that provide context information when customizing the SP adapter plugin points.

Always present.

ssoResponse

The SSO Response received from the Identity Provider.

Available to preSingleSignOnProcess, postSingleSignOnSuccess, and postSingleSignOnFailure.

userId

The unique universal ID of the user associated with the request.

Not available to single sign-on functions.

PingAM 8.0.0

SP adapter scripting API