6.1.2 Creating a Custom Authentication Class to Obtain Unstored Transitional Data

  1. On the Home page, click Identity Servers > [cluster name] > Authentication > Classes > Plus icon.

  2. Under General, click Other.

  3. Specify the following details:

    Field              Description
    Class Name         The name of the authentication class. For example, RHP or Logging Session.
    Java Class Path    The name of the Java Class Path. For example, com.novell.nidp.authentication.local.UserNameAuthenticationClass.

  4. Click Plus icon to add a new property and specify the following details:

    Field              Description
    Property Name      The name of the property. For example, ShowUser, REQUEST_HEADERS_LDAP_ATTRIBUTE_NAME, REQUEST_HEADERS_KEY_VALUE_SEPARATOR, REQUEST_HEADERS_SEPARATOR.
    Property Value     The value of the property. For example, True, requestHeaders, -->, ||.

  5. Click Save.

  6. On the Home page, click Identity Servers > [cluster name] > Authentication > Methods > Plus icon.

  7. Specify a name to identify the method. Example: RHPMethod

  8. Select RHPClass from Class.

  9. Turn off Identify Users.

  10. Click to select <DEFAULT_USER_STORE> under Select Userstore.

  11. Click Done.

  12. On the Home page, click Identity Servers > [cluster name] > Authentication > Contracts > Plus icon to create a contract.

    In Authentication Methods, add RHPMethod as the second or last method in the order.

    For information about creating a contract, see Configuring Authentication Contracts.

  13. Click Update to update the required Identity Server.

  14. Click Update All to update the required Identity Server Cluster.

  15. On the Home page, click Access Gateways > Edit.

  16. Click Protected Resource for the proxy service with Authentication Procedure (RHPContract).

  17. On the Home page, click Policies.

  18. Select the policy container, then click New.

  19. Specify a name for the policy, select Access Gateway: Identity Injection for the LdapAttribute policy, then click OK.

  20. Update Access Gateways.

    The headers will be available in the LDAP attribute (requestHeaders) in the format below. This can be accessed from virtual attributes to perform modifications on the result.

  21. On the Home page, click Identity Servers > IDP Global Settings > Virtual Attributes > Virtual Attribute.

  22. Click Plus icon to create a virtual attribute. Create a virtual attribute for the requestHeaders using the Advanced: Javascript function. For more information, see Creating a Virtual Attribute.

    Sample JavaScript:

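    // Searches the attribute for 'NameIDPolicy=' and returns the value of it.
    function main(P1){
      return getParameter(P1,'NameIDPolicy=');
    }
    function getParameter(attribute, param){
      // indexOf matches param literally; search() would treat it as a regular expression
      var start=attribute.indexOf(param);
      if (start < 0) return '';   // parameter not present in the attribute
      var str=attribute.substring(start+param.length);
      var end=str.indexOf('&');
      // no trailing '&' means the value runs to the end of the string
      return end < 0 ? str : str.substring(0,end);
    }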
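
The sample above pulls one query-string parameter out of the attribute. The following added example (not part of the product documentation) splits the requestHeaders value itself into individual headers, assuming the value is laid out as Name-->Value||Name-->Value with the separator values from step 4. The names parseRequestHeaders and getHeader and the sample string are illustrative.

```javascript
// Added example. Assumed layout of the requestHeaders attribute value:
//   Name-->Value||Name-->Value
// built from the separator properties configured in step 4.
var KEY_VALUE_SEPARATOR = '-->'; // value of REQUEST_HEADERS_KEY_VALUE_SEPARATOR
var HEADER_SEPARATOR = '||';     // value of REQUEST_HEADERS_SEPARATOR

// Split the attribute into a map of lower-cased header name -> value.
function parseRequestHeaders(attribute) {
  var headers = Object.create(null); // no inherited keys such as __proto__
  if (!attribute) return headers;
  var entries = String(attribute).split(HEADER_SEPARATOR);
  for (var i = 0; i < entries.length; i++) {
    // Only the first '-->' separates name from value; the rest is the value.
    var pos = entries[i].indexOf(KEY_VALUE_SEPARATOR);
    if (pos <= 0) continue; // no separator or empty name: skip the fragment
    var name = entries[i].substring(0, pos).trim().toLowerCase();
    var value = entries[i].substring(pos + KEY_VALUE_SEPARATOR.length);
    // Keep the first occurrence so a later duplicate cannot override it.
    if (!(name in headers)) {
      headers[name] = value;
    }
  }
  return headers;
}

// Return one header's value, or '' when the header is absent.
function getHeader(attribute, headerName) {
  var headers = parseRequestHeaders(attribute);
  var key = String(headerName).toLowerCase();
  return key in headers ? headers[key] : '';
}

// Virtual-attribute style entry point: P1 is the requestHeaders value.
function main(P1) {
  return getHeader(P1, 'User-Agent');
}

// Constructed sample value, not captured from a real deployment.
var SAMPLE = 'Host-->www.example.com||User-Agent-->Mozilla/5.0||' +
             'Referer-->https://www.example.com/app?NameIDPolicy=transient&x=1';
```

Header values originate in the client request, so any policy that consumes the returned value should treat it as untrusted input.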