This page describes the extension points in Fediz to enrich its functionality further.
The Sign-In request to the IDP contains several parameters to customize the sign in process. Some parameters are configured statically in the Fediz configuration file, some others can be resolved at runtime when the initial request is received by the Fediz plugin.
Configuration values common to both WS-Federation and SAML SSO
The following table gives an overview of the parameters which can be resolved at runtime for either the WS-Federation or SAML SSO protocols.
The following table gives an overview of the parameters which can be resolved at runtime for the WS-Federation protocol. It contains the XML element name of the Fediz configuration file, the query parameter name of the sign-in request to the IDP as well as the Callback class.
If you configure a class which implements the interface
javax.security.auth.callback.CallbackHandler you get the corresponding Callback object where you must set the value which is then added to the query parameter. The Callback object provides the
HttpServletRequest object which might give you the required information to resolve the value.
Here is a snippet of the configuration to configure a CallbackHandler:
And a sample implementation of the CallbackHandler:
Custom Token Validator
It is possible to plug in a custom Token Validator for either protocol as well using the "tokenValidators" configuration parameter. This takes a list of Strings, each of which correspond to the class name of a TokenValidator instance. For example: