public class SingleSignOnFilter extends Object implements Filter
If the SSOToken is not valid or if cookie header is not present or empty, then the user-agent is redirected to OpenAM login page. Once log in has been successful, the request is forwarded.
{
"type": "SingleSignOnFilter",
"config": {
"openamUrl" : uriExpression [REQUIRED]
"cookieName" : String [OPTIONAL - by default is 'iPlanetDirectoryPro']
"realm" : String [OPTIONAL - default is '/']
"amHandler" : handler [OPTIONAL - by default it uses the
'ForgeRockClientHandler' provided in heap.]
"logoutEndpoint" : regexp [OPTIONAL - regular expression to match against the request
path to detect a requested logout.]
"defaultLogoutLandingPage": uriExpression [OPTIONAL - URI to redirect after a successful logout.]
}
}
Modifier and Type | Class and Description |
---|---|
static class |
SingleSignOnFilter.Heaplet
Creates and initialises an authentication filter in a heap environment.
|
public Promise<Response,NeverThrowsException> filter(Context context, Request request, Handler next)
Filter
next.handle(context, request)
.
This method may elect not to pass the request to the next filter or
handler, and instead handle the request itself. It can achieve this by
merely avoiding a call to next.handle(context, request)
and creating its own response object. The filter is also at liberty to
replace a response with another of its own by intercepting the response
returned by the next handler.
Copyright 2011-2015 ForgeRock AS.