-
1. Re: Getting hold of the assertion and attributes from the "inside"?
micgus Oct 1, 2012 10:03 AM (in response to micgus)Rephrased my question and hopefully simplified it somewhat
-
2. Re: Getting hold of the assertion and attributes from the "inside"?
micgus Oct 4, 2012 9:03 AM (in response to micgus)Replying to myself now that I found one way forward at least, this little piece of code solved my issue:
Map<String, List<Object>> sessionMap = (Map<String, List<Object>>) request.getSession().getAttribute(GeneralConstants.SESSION_ATTRIBUTE_MAP);
List<String> roles = new ArrayList<String>();
if (sessionMap != null)
{
Iterator<Entry<String, List<Object>>> iterator = sessionMap.entrySet().iterator();
while(iterator.hasNext())
{
Entry<String, List<Object>> mapEntry = iterator.next();
System.out.println("The attribute name: " + mapEntry.getKey() + ", attribute value: " + mapEntry.getValue());
// Adding the found attributes/roles for the later XACML request
roles.add(mapEntry.getValue().toString().replace("[", "").replace("]", ""));
....
Perhaps more elegant solutions available, but this way I could at least extract the attributes/roles for the XACML request and also use one of them i the logic of the SP.
This one will sort of give the same result (Principal name and roles):
SecurityContext securityCtx = SecurityContextAssociation.getSecurityContext();
Subject subject = securityCtx.getSubjectInfo().getAuthenticatedSubject();
System.out.println("Subject str: " + subject.toString());
Although I failed when it came to a way for getting hold of either the unparsed assertion in xml or the AssertionType. At the moment the above code will solve my task, but if there are any examples it would be great to know