无法从 OpenAM 的策略响应中获取 cn
Can't get cn from Policy Response of OpenAM
全部。
我正在尝试配置 OpenAM、J2EEAgent 和 OpenIG。当我得到 OpenAM 的策略响应时,我想得到 cn。所以我配置 com.sun.identity.agents.config.response.attribute.fetch.mode
= HTTP_HEADER。但是我在Policy Response中获取不到cn。
我有两个问题。
1、如何配置在Policy Response中获取cn?
2,我使用 SqlAttributesFilter 从 cn 搜索 uid(OpenIG 管理)
当 OpenIG 获得策略响应时。我制作了 OpenIG config.json。请检查。
{
"_comment" : "Sample OpenIG config for form login.",
"heap":[
{
"name":"DispatchHandler",
"type":"DispatchHandler",
"config":{
"bindings":[
{
"condition": "${matches(exchange.request.uri.path,'^/openig') != null}",
"handler":"LoginChain"
},
{
"handler":"OutgoingChain"
}
],
"baseURI":"http://test.co.jp:7070/"
}
},
{
"name":"LoginChain",
"type":"Chain",
"config":{
"filters":["SqlAttributesFilter"],
"handler":"LoginRedirectHandler"
}
},
{
"name": "SqlAttributesFilter",
"type": "SqlAttributesFilter",
"config": {
"dataSource": "java:comp/env/jdbc/postgresql",
"preparedStatement":
"SELECT uid
FROM user_table WHERE cn = ?;",
"parameters": [
"${exchange.request.headers['cn'][0]}"
],
"target" : "${exchange.credentials}"
}
},
{
"name":"LoginRedirectHandler",
"type":"StaticResponseHandler",
"config":{
"status":302,
"reason":"Found",
"headers":{
"Location":[
"http://test.co.jp:5050/testsp/index.html?j_site=${exchange.credentials.site}&j_uid=${exchange.credentials.uid}"
],
"Cache-Control":["no-cache"],
"Pragma":["no-cache"]
}
}
},
{
"name":"OutgoingChain",
"type":"Chain",
"config":{
"filters":[
"CaptureFilter"
],
"handler":"ClientHandler"
}
},
{
"name":"ClientHandler",
"type":"ClientHandler",
"config":{
}
},
{
"name":"CaptureFilter",
"type":"CaptureFilter",
"config":{
"captureEntity":true,
"file":"/home/test/.openig/config/gateway.log"
}
},
{
"name":"LogSink",
"comment":"Default sink for logging information.",
"type":"ConsoleLogSink",
"config":{
"level":"DEBUG"
}
}
],
"handler": "DispatchHandler"
}
请帮帮我。
关注
1) 通过修改假定与受保护资源相匹配的策略,并将 "cn" 添加到属性列表中。
或者您可以只修改您的代理配置,而不是使用响应属性,您可以为配置文件属性设置属性映射。
全部。
我正在尝试配置 OpenAM、J2EEAgent 和 OpenIG。当我得到 OpenAM 的策略响应时,我想得到 cn。所以我配置 com.sun.identity.agents.config.response.attribute.fetch.mode = HTTP_HEADER。但是我在Policy Response中获取不到cn。
我有两个问题。
1、如何配置在Policy Response中获取cn?
2,我使用 SqlAttributesFilter 从 cn 搜索 uid(OpenIG 管理) 当 OpenIG 获得策略响应时。我制作了 OpenIG config.json。请检查。
{
"_comment" : "Sample OpenIG config for form login.",
"heap":[
{
"name":"DispatchHandler",
"type":"DispatchHandler",
"config":{
"bindings":[
{
"condition": "${matches(exchange.request.uri.path,'^/openig') != null}",
"handler":"LoginChain"
},
{
"handler":"OutgoingChain"
}
],
"baseURI":"http://test.co.jp:7070/"
}
},
{
"name":"LoginChain",
"type":"Chain",
"config":{
"filters":["SqlAttributesFilter"],
"handler":"LoginRedirectHandler"
}
},
{
"name": "SqlAttributesFilter",
"type": "SqlAttributesFilter",
"config": {
"dataSource": "java:comp/env/jdbc/postgresql",
"preparedStatement":
"SELECT uid
FROM user_table WHERE cn = ?;",
"parameters": [
"${exchange.request.headers['cn'][0]}"
],
"target" : "${exchange.credentials}"
}
},
{
"name":"LoginRedirectHandler",
"type":"StaticResponseHandler",
"config":{
"status":302,
"reason":"Found",
"headers":{
"Location":[
"http://test.co.jp:5050/testsp/index.html?j_site=${exchange.credentials.site}&j_uid=${exchange.credentials.uid}"
],
"Cache-Control":["no-cache"],
"Pragma":["no-cache"]
}
}
},
{
"name":"OutgoingChain",
"type":"Chain",
"config":{
"filters":[
"CaptureFilter"
],
"handler":"ClientHandler"
}
},
{
"name":"ClientHandler",
"type":"ClientHandler",
"config":{
}
},
{
"name":"CaptureFilter",
"type":"CaptureFilter",
"config":{
"captureEntity":true,
"file":"/home/test/.openig/config/gateway.log"
}
},
{
"name":"LogSink",
"comment":"Default sink for logging information.",
"type":"ConsoleLogSink",
"config":{
"level":"DEBUG"
}
}
],
"handler": "DispatchHandler"
}
请帮帮我。 关注
1) 通过修改假定与受保护资源相匹配的策略,并将 "cn" 添加到属性列表中。
或者您可以只修改您的代理配置,而不是使用响应属性,您可以为配置文件属性设置属性映射。