|
The original authentication request.
Only available to SSO functions.
Example JSON (next-generation)
{
"signature": null,
"subject": null,
"id": "s2c48de88f798137a410875437b1a4c0fa7bd9b239",
"consent": "",
"forceAuthn": false,
"protocolBinding": "urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
"mutable": false,
"issueInstant": 1769521762000,
"issuer": {
"value": "serviceprovider1",
"format": "",
"nameQualifier": "",
"spnameQualifier": "",
"mutable": false,
"spprovidedID": ""
},
"@class": "com.sun.identity.saml2.protocol.impl.AuthnRequestImpl",
"assertionConsumerServiceURL": "https://sp.example.com/am/Consumer/metaAlias/alpha/sp1",
"extensions": null,
"destination": "https://idp.example.com/am/SSORedirect/metaAlias/alpha/idp1",
"passive": false,
"version": "2.0",
"requestedAuthnContext": {
"authnContextClassRef": [
"urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport"
],
"@class": "com.sun.identity.saml2.protocol.impl.RequestedAuthnContextImpl",
"comparison": "exact",
"mutable": false,
"authnContextDeclRef": [],
"elementName": "RequestedAuthnContext"
},
"nameIDPolicy": {
"format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"spnameQualifier": "serviceprovider1",
"@class": "com.sun.identity.saml2.protocol.impl.NameIDPolicyImpl",
"mutable": false,
"allowCreate": true
},
"attributeConsumingServiceIndex": null,
"conditions": null,
"scoping": null,
"signed": false,
"providerName": "",
"assertionConsumerServiceIndex": null
}
|
|
|
|
The fault code returned in the SAML response.
Only available to the preSendFailureResponse function.
|
|
|
|
Contains the details of the fault returned in the SAML response.
Only available to the preSendFailureResponse function.
|
|
|
|
The entity ID for the hosted IdP.
|
|
|
|
A helper object that provides context information when customizing the IdP adapter extension points.
|
|
An IdpAdapterNextGenScriptHelper object.
Methods
public List getEntitlements(String applicationName, String realm)
public List getEntitlements(String applicationName, String realm,
Map<String, List<String>> environment)
|
|
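Represents the relayState used in the redirect. RelayState is supplied by the requesting party, so treat it as untrusted input and validate it before using it as a redirect target.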
Not available to the preSingleSignOn or preSendFailureResponse functions.
|
|
|
|
The ID to use for continuation of processing if the adapter redirects.
Not available to the preSignResponse or preSendFailureResponse functions.
|
|
|
|
Example JSON (next-generation)
{
"allowTrace": false,
"secure": true,
"requestedSessionIdValid": true,
"remoteAddr": "10.67.3.17",
"requestedSessionIdFromURL": false,
"parameterNames": {},
"protocol": "HTTP/1.1",
"localName": "am-5f87474849-f7b9m",
"asyncSupported": false,
"requestedSessionIdFromCookie": true,
"protocolRequestId": null,
"asyncStarted": false,
"localAddr": "10.67.3.6",
"contentLength": 873,
"servletConnection": {
"protocol": "http/1.1",
"connectionId": "a368",
"secure": false,
"protocolConnectionId": ""
},
"attributeNames": {},
"remotePort": 60476,
"queryString": "ReqID=s2c48de88f798137a410875437b1a4c0fa7bd9b239&index=null&acsURL=https://sp.example.com/am/Consumer/metaAlias/alpha/sp1&spEntityID=serviceprovider1&binding=urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST",
"requestId": "cbbc",
"characterEncoding": "UTF-8",
"authType": null,
"requestedSessionId": "3AECBCB5567836F65E08298982526907",
"remoteHost": "10.67.3.17",
"scheme": "https",
"trailerFieldsReady": true,
"serverName": "idp.example.com",
"remoteUser": null,
"requestURI": "/am/SSORedirect/metaAlias/alpha/idp1",
"method": "POST",
"pathTranslated": "/usr/local/tomcat/webapps/am/metaAlias/alpha/idp1",
"servletPath": "/SSORedirect",
"cookies": [
{
"path": null,
"name": "JSESSIONID",
"maxAge": -1,
"domain": null,
"value": "3AECBCB5567836F65E08298982526907",
"secure": false,
"attributes": {},
"comment": null,
"version": 0,
"httpOnly": false
},
{
"path": null,
"maxAge": -1,
"name": "amlbcookie",
"domain": null,
"secure": false,
"attributes": {},
"comment": null,
"value": "01",
"version": 0,
"httpOnly": false
},
{
"value": "6WcS7CVJ-a...lMxAAIwMQ.*",
"path": null,
"maxAge": -1,
"name": "58eaf95f29a4d6c",
"domain": null,
"secure": false,
"attributes": {},
"comment": null,
"version": 0,
"httpOnly": false
}
],
"trailerFields": {},
"pathInfo": "/metaAlias/alpha/idp1",
"headerNames": {},
"requestURL": "https://idp.example.com/am/SSORedirect/metaAlias/alpha/idp1",
"userPrincipal": null,
"contentLengthLong": 873,
"httpServletMapping": {
"pattern": "/SSORedirect/*",
"mappingMatch": "PATH",
"servletName": "IDPSSOFederateServlet",
"matchValue": "metaAlias/alpha/idp1"
},
"locales": {},
"contextPath": "/am",
"localPort": 8080,
"serverPort": 443,
"contentType": "application/x-www-form-urlencoded",
"parameterMap": {
"acsURL": [
"https://sp.example.com/am/Consumer/metaAlias/alpha/sp1"
],
"ReqID": [
"s2c48de88f798137a410875437b1a4c0fa7bd9b239"
],
"spEntityID": [
"serviceprovider1"
],
"binding": [
"urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST"
],
"saml2Request": [
"eyJ0eXA ... YPA"
],
"index": [
"null"
]
},
"locale": "en_GB"
}
|
|
|
|
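Provides the following methods for accessing request details (header and parameter values are client-supplied, so validate them before relying on them in a script):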
-
public Object getAttribute(String name)
-
public void setAttribute(String name, Object value)
-
public String getHeader(String name)
-
public List<String> getHeaders(String name)
-
public String getParameter(String name)
-
public String[] getParameterValues(String name)
|
|
An HttpServletRequestHelper object.
|
|
The SAML Response object.
Only available to the preSignResponse function.
|
|
|
|
Example JSON (next-generation)
{
"trailerFields": null,
"status": 200,
"committed": false,
"headerNames": [
"X-Frame-Options",
"Content-Security-Policy-Report-Only",
"X-Content-Type-Options"
],
"locale": "en_US",
"characterEncoding": "UTF-8",
"contentType": null,
"bufferSize": 8192
}
|
|
|
|
Provides the following methods for accessing response details:
-
public void addHeader(String name, String value)
-
public String getHeader(String name)
-
public List<String> getHeaders(String name)
-
public List<String> getHeaderNames()
-
public void setHeader(String name, String value)
-
public void sendRedirect(String location) throws IOException
|
|
An HttpServletResponseHelper object.
|
|
Not available to the preSingleSignOn or preSendFailureResponse functions.
Contains a representation of the user’s SSO session object.
|
|
A ScriptedSession object.
Methods
public String getProperty(String name)
public void setProperty(String name, String value)
|
|
Example JSON (next-generation)
{
"assertion": [
{
"id": "s2b7a5c878dfac7b20ae926768e677b9a4aa393cc9",
"signature": null,
"advice": null,
"timeValid": true,
"issueInstant": 1769521769589,
"statements": [],
"authnStatements": [
{
"authnContext": {
"authenticatingAuthority": null,
"authnContextClassRef": "urn:oasis:names:tc:SAML:2.0:ac:classes:PasswordProtectedTransport",
"authnContextDeclRef": null,
"mutable": false,
"authnContextDecl": null
},
"subjectLocality": null,
"sessionNotOnOrAfter": null,
"sessionIndex": "s20a19e42789748e3dfd9763da0aa61abc13d89b01",
"mutable": true,
"authnInstant": 1769521769000
}
],
"subject": {
"subjectConfirmation": [
{
"mutable": true,
"encryptedID": null,
"nameID": null,
"baseID": null,
"subjectConfirmationData": {
"elementName": "SubjectConfirmationData",
"address": null,
"notOnOrAfter": 1769522369604,
"inResponseTo": "s2c48de88f798137a410875437b1a4c0fa7bd9b239",
"mutable": true,
"recipient": "https://sp.example.com/am/Consumer/metaAlias/alpha/sp1",
"contentType": null,
"notBefore": null,
"content": []
},
"method": "urn:oasis:names:tc:SAML:2.0:cm:bearer"
}
],
"mutable": true,
"encryptedID": null,
"nameID": {
"format": "urn:oasis:names:tc:SAML:2.0:nameid-format:persistent",
"spnameQualifier": "serviceprovider1",
"value": "9EVQEze38h96WOxoJFGDTj9/9MZe",
"mutable": true,
"@class": "com.sun.identity.saml2.assertion.impl.NameIDImpl",
"spprovidedID": null,
"nameQualifier": "identityprovider1"
},
"baseID": null
},
"conditions": {
"audienceRestrictions": [
{
"mutable": true,
"audience": [
"serviceprovider1"
]
}
],
"proxyRestrictions": [],
"notOnOrAfter": 1769522369604,
"mutable": true,
"conditions": [],
"oneTimeUses": [],
"notBefore": 1769521169604
},
"authzDecisionStatements": [],
"issuer": {
"mutable": true,
"format": null,
"nameQualifier": null,
"value": "identityprovider1",
"spnameQualifier": null,
"spprovidedID": null
},
"attributeStatements": [],
"mutable": true,
"version": "2.0",
"signed": false
}
],
"id": "s2d748a797f4c4f9f4e72b337f1c52168bd32cef63",
"signature": null,
"inResponseTo": "s2c48de88f798137a410875437b1a4c0fa7bd9b239",
"status": {
"@class": "com.sun.identity.saml2.protocol.impl.StatusImpl",
"mutable": true,
"statusDetail": null,
"statusCode": {
"mutable": true,
"@class": "com.sun.identity.saml2.protocol.impl.StatusCodeImpl",
"value": "urn:oasis:names:tc:SAML:2.0:status:Success",
"statusCode": null
},
"statusMessage": null
},
"destination": "https://sp.example.com/am/Consumer/metaAlias/alpha/sp1",
"consent": null,
"@class": "com.sun.identity.saml2.protocol.impl.ResponseImpl",
"extensions": null,
"issuer": {
"mutable": true,
"format": null,
"nameQualifier": null,
"value": "identityprovider1",
"spnameQualifier": null,
"spprovidedID": null
},
"issueInstant": 1769521769608,
"mutable": true,
"version": "2.0",
"encryptedAssertion": null,
"signed": false
}
|
|
|