Versions Compared

Old Version 3

changes.mady.by.user Scott Cantor

Saved on

compared with

New Version Current

changes.mady.by.user Scott Cantor

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Note

Caching Behavior

The built-in caching support (if enabled) keys the cached data for a GET request by the fully populated template URL generated, typically including information about the subject in the URL. For POST requests, you may provide a template for producing an appropriate cache key, or omit it to disable caching.

Customized implementations of the ExecutableSearchBuilder<HTTPSearch> interface MUST implement appropriate cache key semantics, particularly if they inherit from that base class.

...

Expand
titleHTTP connector for a JSON-based web service
Code Block
languagexml
 <DataConnector id="myHTTP" xsi:type="HTTP"
		httpClientRef="WebServiceHttpClient"
		httpClientSecurityParametersRef="ExampleOrgWSSecurity">
	<URLTemplate>
		<![CDATA[
		https://webservice.example.org/api/subject/$pathEscaper.escape($resolutionContext.principal)/groups
		]]>
	</URLTemplate>

	<ResponseMapping>
		<Script>
		<![CDATA[
		var HashSetArrayList = Java.type("java.util.HashSetArrayList");
		var HttpClientSupport = Java.type("net.shibboleth.shared.httpclient.HttpClientSupport");
		var IdPAttribute = Java.type("net.shibboleth.idp.attribute.IdPAttribute");
		var StringAttributeValue = Java.type("net.shibboleth.idp.attribute.StringAttributeValue");
  
		// Limits length to 64k
		var body = HttpClientSupport.toString(response.getEntity(), "UTF-8", 65536);
		var result = JSON.parse(body);
 
		var attr = new IdPAttribute("group");
		var values = new HashSetArrayLit();
		if (result.groups != null) {
			for (var i=0; i<result.groups.length; i++) {
				values.add(new StringAttributeValue(result.groups[i].name));
			}
		}
		attr.setValues(values);
		connectorResults.add(attr);
		]]>
		</Script>
	</ResponseMapping>

	<ResultCache expireAfterWrite="PT5M"/>
</DataConnector>

...

Expand
titleSpecific XML Attributes

The following attributes may be specified (the only required attribute is httpClientRef).

Name

Type

Default

Description

httpClientRef

Bean ID

Bean ID of the HttpClient instance to use

httpClientSecurityParametersRef

Bean ID

Bean ID of the HttpClientSecurityParameters instance to use , (ignored in 5.0 if one of the security shortcut settings are used)

serverCertificate

Resource path

Path of resource containing a server certificate whose public key must match the server's. If set in 5.0, httpClientSecurityParametersRef is ignored, in 5.1 it will be merged into the supplied bean.

certificateAuthority

Resource path

Path of resource containing a certificate authority used to validate the server's certificate. If set in 5.0, httpClientSecurityParametersRef is ignored, in 5.1 it will be merged into the supplied bean.

clientPrivateKey

Resource path

Path of resource containing a private key used to authenticate the client to the server via TLS. If set in 5.0, httpClientSecurityParametersRef is ignored, in 5.1 it will be merged into the supplied bean.

clientCertificate

Resource path


Path of resource containing a certificate used to authenticate the client to the server via TLS. If set in 5.0, httpClientSecurityParametersRef is ignored, in 5.1 it will be merged into the supplied bean.

maxLength

Long

0

Limits size of response body to accept, or 0 for no limit. When used, only  non-chunked responses that include a content length will be accepted.

acceptStatuses

Collection<Integer>

200

Acceptable HTTP status codes

acceptTypes

Collection<String>

Acceptable MIME content types

headerMapRef

Map<String,String>

Bean ID of a map of custom header names and values to set in the HTTP request

mappingStrategyRef

Bean ID

Bean ID of a HTTPResponseMappingStrategy to process the result set in a pluggable way

validatorRef

Bean ID

Bean ID of a Validator to control what constitutes an initialization failure (the default does no validation)

executableSearchBuilderRef

Bean ID

Bean ID of an ExecutableSearchBuilder<HTTPSearch> to produce the request to execute

templateEngine

Bean ID

Bean ID of a org.apache.velocity.app.VelocityEngine to use for processing the URL template, generally unnecessary

failFast

Boolean

false

Whether a failure when verifying the connection during startup is fatal (stops the Attribute filter service from starting). 

Expand
titleSpecific XML Elements

Name

Cardinality

Description

<URLTemplate>

0 or 1

Template of a URL to execute via HTTP GET or POST

<BodyTemplate>

0 or 1

Template for a request body to submit via HTTP POST, requires use of <URLTemplate>

<CacheKeyTemplate>

0 or 1

Template to produce a cache key to associate with the result of an HTTP POST, requires use of <BodyTemplate>

<ResponseMapping>

0 or 1

Inline or external script to execute to process the response body

<ResultCache>

0 or 1

Defines how results should be cached.

<ResultCacheBean>

Bean ID (in the element content) defining how results should be cached as an externally defined com.google.common.cache.Cache<String,Map<String,IdPAttribute>> 

Expand
titleCommon XML Attributes
Include Page
DataConnectorCommonAttributes
DataConnectorCommonAttributes

...