...
Variables Available in All Templates
Property | Description |
|---|---|
An HTMLEncoder, allows safe HTML encoding of various types. This is further described under HtmlEncoder. | |
cspDigester 5.1 | A StringDigester configured to produce base64-encoded SHA-256 hashes, suitable for use in generating CSP hashes |
cspNonce 5.1 | An IdentifierGenerationStrategy that produces nonces suitable for use with CSP |
profileRequestContext | A ProfileRequestContext, primarily used to locate subsidiary contexts: |
environment | The Spring Environment (javadoc here). This will be most frequently used to resolve properties (defined in idp.properties or other files), by calling the getProperty method. For instance |
custom
|
request | The HttpServletRequest (javadoc here). This is an advanced topic and out of scope for this page. |
response | The HttpServletResponse (javadoc here). This is an advanced topic and out of scope for this page. |
flowRequestContext | The Spring Web Flow RequestContext (javadoc here). This is an advanced topic and out of scope for this page. |
flowExecutionUrl | The URL to redirect to in order to advance the flow (you’ll see this in form actions, typically) |
springMacroRequestContext | A help context supplied by Spring. Primarily used to render language specific resources from the message bundles. For instance |
custom | The Spring bean named shibboleth.CustomViewContext. This can be whatever you define it to be (in global.xml). That bean and its content should be treated as immutable. |
Variables Available to Password Login View
During password login, the templates login.vm and login-error.vm are used and have access to additional variables:
Property | Description |
|---|---|
A RelyingPartyUIContext object. This object allows language sensitive rendering of specific information about the relying party (logos and so forth). This is described further here. | |
authenticationContext | An AuthenticationContext object. This object contains a large amount of information about the state of the authentication process. |
authenticationErrorContext | An AuthenticationErrorContext object. When present (which is only after a previous login error), this provides more detailed information on the failure which can then be displayed. The default views/login-error.vm file demonstrates how the contents of this context can be used to drive language specific message lookup (as in messages/authn-messages.properties). |
authenticationWarningContext | An AuthenticationWarningContext object. This isn't typically used within this view, but if warnings about account state are detected at the same time an error is also detected, it may be available. |
ldapResponseContext | An LDAPResponseContext object. This isn't typically used within this view, but if warnings about account state are detected at the same time an error is also detected, it may be available. |
Variables Available During Attribute Release Consent
Property | Description |
|---|---|
A RelyingPartyUIContext object. This object allows language sensitive rendering of specific information about the relying party (logos and so forth). This is described further here. | |
attributeDisplayNameFunction | A Function takes an IdPAttribute (usually from |
attributeDisplayDescriptionFunction | A Function that takes an IdPAttribute (usually from |
consentContext | A ConsentContext representing the state of a consent flow (current and previous consents). Further information TBD. |
attributeReleaseContext | An AttributeReleaseContext, this can be used to provide an iterable group of those attributes to which consent can be applied via the call |
Variables Available During Logout
Property | Description |
|---|---|
logoutContext | A LogoutContext, contains information to list the services accessed during the session that has been terminated |
multi-rpContext | A MultiRelyingPartyContext, allows lookup of the RelyingPartyContext for each service listed in the logoutContext |
Typically the RelyingPartyContext is further interrogated to get individual rpUIContexts.
...