OpenAM / OPENAM-700

Set IdPAdapter Class with Console

    Details

    • Improvement
    • Status: Closed
    • Minor
    • Resolution: Fixed
    • 9.5.3_RC1
    • 9.5.5, 10.0.0-EA
    • console
    • None
    • All

      Description

      Enhancement request to set the idpAdapter class through the OpenAM console. Ideally this should happen in the Advanced section of a hosted IdP.

      Viktor.Ake@forgerock.com has background information on why this is necessary. The primary reason, from what I understand, is that you need an entry point before sending a response to an AuthNRequest to the SP.
      There is (extended) metadata support for this today, but if you set any other parameter in the hosted IdP section with the console, a custom IdPAdapter class configuration is wiped out, as it is not part of the model, which is a very problematic side effect.

      Here's the source code (4 files) for the model and the console components:

      com/sun/identity/console/federation/model/SAMLv2Model.java

      + // SAMLv2 IDP Adapter feature
      + public static final String ATTR_IDP_ADAPTER = "idpAdapter";
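
      Review bot: The comment on ATTR_IDP_ADAPTER ("SAMLv2 IDP Adapter feature") does not say what the attribute holds. Document that the value is the class name of the IdP adapter kept in the hosted IdP's extended metadata, and that the string "idpAdapter" is also the field name used in propertySAMLv2IDPAdvancedHosted.xml, so anyone renaming one knows to change the other.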

      com/sun/identity/console/federation/model/SAMLv2ModelImpl.java

      // ECP
      extendedMetaIdpMap.put(ATTR_IDP_ECP_SESSION_MAPPER,
      Collections.EMPTY_SET);
      +
      + // IDP Adapter
      + extendedMetaIdpMap.put(ATTR_IDP_ADAPTER,
      + Collections.EMPTY_SET);

      //SAE
      extendedMetaIdpMap.put(ATTR_SAE_IDP_APP_SECRET_LIST,
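
      Review bot: There is no test for the regression that the new put() of ATTR_IDP_ADAPTER on extendedMetaIdpMap is meant to fix. Add one that sets idpAdapter in the extended metadata, changes an unrelated hosted IdP property through the model, and asserts the adapter value is unchanged, so the wipe described in this issue cannot return unnoticed.
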
      @@ -285,6 +289,8 @@
      static {
      extendedAdMetaIdpMap.put(ATTR_IDP_ECP_SESSION_MAPPER,
      Collections.EMPTY_SET);
      + extendedAdMetaIdpMap.put(ATTR_IDP_ADAPTER,
      + Collections.EMPTY_SET);
      extendedAdMetaIdpMap.put(ATTR_SAE_IDP_APP_SECRET_LIST,
      Collections.EMPTY_SET);
      extendedAdMetaIdpMap.put(ATTR_SAE_IDP_URL,
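
      Review bot: In the static block, the put() of ATTR_IDP_ADAPTER on extendedAdMetaIdpMap has no comment, while the same addition to extendedMetaIdpMap carries "// IDP Adapter" and the entries around it there are labelled (// ECP, //SAE). Add the same comment here. The attribute now has to be listed by hand in two maps, so a short note at each saying that both must be updated would help the next person adding an extended metadata attribute keep them in sync.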

      amConsole.properties (products/amserver/resources/locale/amConsole.properties)

      +#IDPAdapter
      +samlv2idp.attribute.label.idpadapter=IDP Adapter
      +samlv2idp.attribute.label.idpadapter.IDPAdapterClass=IDP Adapter Class
      +samlv2idp.attribute.help.IdpIDPAdapter=The IDPAdapter class.
      +
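
      Review bot: The help key samlv2idp.attribute.help.IdpIDPAdapter uses different casing from the label keys samlv2idp.attribute.label.idpadapter and samlv2idp.attribute.label.idpadapter.IDPAdapterClass, and the help text "The IDPAdapter class." tells an administrator nothing about what to enter. Use one casing across the key family, and have the help text say that the field takes the class name of the adapter implementation and what leaving it empty means.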

      propertySAMLv2IDPAdvancedHosted.xml (products/federation/openfm/xml/console/components/propertySAMLv2IDPAdvancedHosted.xml)
      </property>
      </subsection>
      </section>
      +
      + <section name="IDPAdapter" defaultValue="samlv2idp.attribute.label.idpadapter">
      + <property>
      + <label name="lblIDPAdapter" defaultValue="samlv2idp.attribute.label.idpadapter.IDPAdapterClass" labelFor="idpAdapter" />
      + <cc name="idpAdapter" tagclass="com.sun.web.ui.taglib.html.CCTextFieldTag">
      + <attribute name="size" value="75" />
      + <attribute name="autoSubmit" value="false" />
      + <attribute name="localizeDisplayFieldValue" value="false" />
      + </cc>
      + <fieldhelp name="helpIDPAdapter" defaultValue="samlv2idp.attribute.help.IdpIDPAdapter" />
      + </property>
      + </section>
      +
      </propertysheet>
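
      Review bot: The idpAdapter field is a free-text CCTextFieldTag and no validation is visible in this change, so a mistyped class name would be stored as-is and presumably only surface when the IdP next handles a request. Because the value names code that runs before the IdP sends its response to the SP, validate it on save in the model (the class loads and implements the IdP adapter interface) and reject the change with a console error otherwise.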

            People

            steve Steve Ferris
            joachimandres joachimandres