Page Comparison

encoder

An HTMLEncoder, allows safe HTML encoding of various types. This is further described under HtmlEncoder.

cspDigester ^5.1

A StringDigester configured to produce base64-encoded SHA-256 hashes, suitable for use in generating CSP hashes

cspNonce ^5.1

An IdentifierGenerationStrategy that produces nonces suitable for use with CSP

profileRequestContext

A ProfileRequestContext, primarily used to locate subsidiary contexts:
#set ($rpContext = $profileRequestContext.getSubcontext('net.shibboleth.profile.context.RelyingPartyContext'))
This is an advanced topic and out of scope for this page.

environment

The Spring Environment (javadoc here). This will be most frequently used to resolve properties (defined in idp.properties or other files), by calling the getProperty method. For instance
: environment.getProperty("idp.whatever", "default")

request

The HttpServletRequest.

response

The HttpServletResponse

flowRequestContext

The Spring Web Flow RequestContext (javadoc here). This is an advanced topic and out of scope for this page.

flowExecutionUrl

The URL to redirect to in order to advance the flow (you’ll see this in form actions, typically)

springMacroRequestContext

A help context supplied by Spring. Primarily used to render language specific resources from the message bundles. For instance
$springMacroRequestContext.getMessage("idp.message", "An unidentified error occurred."))

custom

The Spring bean named shibboleth.CustomViewContext. This can be whatever you define it to be (in global.xml). That bean and its content should be treated as immutable.

username ^5.1

A pre-existing username to populate into the form, generally from an earlier iteration of the form

rpContext ^5.1

A RelyingPartyContext object, providing access to basic information about the SP

rpUIContext

A RelyingPartyUIContext object. This object allows language sensitive rendering of specific information about the relying party (logos and so forth). This is described further here.

authenticationContext

An AuthenticationContext object. This object contains a large amount of information about the state of the authentication process.

authenticationErrorContext

An AuthenticationErrorContext object. When present (which is only after a previous login error), this provides more detailed information on the failure which can then be displayed. The default views/login-error.vm file demonstrates how the contents of this context can be used to drive language specific message lookup (as in messages/authn-messages.properties).

authenticationWarningContext

An AuthenticationWarningContext object. This isn't typically used within this view, but if warnings about account state are detected at the same time an error is also detected, it may be available.

ldapResponseContext

An LDAPResponseContext object. This isn't typically used within this view, but if warnings about account state are detected at the same time an error is also detected, it may be available.

errorMessageFunction ^5.1

A Function<ProfileRequestContext,String> which produces an error message based on the state of the request. This replaces the original login-error.vm template and the logic embedded in that view fragment with Java code but can be overridden via properties, and is backward-compatible

rpUIContext

A RelyingPartyUIContext object. This object allows language sensitive rendering of specific information about the relying party (logos and so forth). This is described further here.

attributeDisplayNameFunction

A Function takes an IdPAttribute (usually from $attributeReleaseContext.getConsentableAttributes().values()) and outputs the DisplayName appropriate to the browser locales.

attributeDisplayDescriptionFunction

A Function that takes an IdPAttribute (usually from $attributeReleaseContext.getConsentableAttributes().values()) and outputs the DisplayDescription appropriate to the browser locales.

consentContext

A ConsentContext representing the state of a consent flow (current and previous consents). Further information TBD.

attributeReleaseContext

An AttributeReleaseContext, this can be used to provide an iterable group of those attributes to which consent can be applied via the call $attributeReleaseContext.getConsentableAttributes().values().
Specific attributes can be found by direct lookup ($attributeReleaseContext.getConsentableAttributes().get($attributeId)).
In Java terms, $attributeReleaseContext.getConsentableAttributes() is a Map.

attributeHelper

A bean named shibboleth.AttributeHelper. By default this is of type AttributeHelper but this can be set to be any bean via the property name idp.attribute.helper.