Uploaded image for project: 'Identity Gateway'
  1. Identity Gateway
  2. OPENIG-3629

Custom response handler for SingleSignOnFilter


    • Type: Improvement
    • Status: Open
    • Priority: Minor
    • Resolution: Unresolved
    • Affects Version/s: 6.5.0
    • Fix Version/s: None
    • Component/s: None
    • Labels:
    • Support Ticket IDs:
    • Story Points:


      Request to enhance SingleSignOnFilter by adding a custom response handler or failure handler configuration to the filter.

      Customer isĀ upgrading from IG 4.5 to 6.5. Currently they use a custom scripted filter to do the required authentication checks in IG. The customer would like to switch to the OOTB SingleSignOnFilter if possible.

      However the main issue is that they can't configure that filter behaviour when AM returns a 401 to IG. If the session in the request is not valid, SingleSignOnFilter redirects the user to a login page but they want to be able to return 401 instead.

      Acceptance Criteria

      • SSOFilter have a failureHandler attribute referencing a Handler
        • Defaults to the "old" behaviour: Create a 500 Internal Server Error response
        • Provide exception informationĀ  in a new Context passed to the failure Handler
      • Make sure that the login URL is provided as part of the context chain (we already have a context for that)
      • ErrorContext should provide error and error description fields (in addition of the cause throwable)
        • Make CdSSoFailureContext more "generic"




            • Assignee:
              jdewer James Dewer
            • Votes:
              0 Vote for this issue
              3 Start watching this issue


              • Created: