java - Retrieving Shibboleth attributes from AJP connector request -
i have encountered weird problem when working shibboleth authentication running on apache , when tomcat7 running on end, apache sends through mod_proxy_ajp. , parameters sibboleth.
in documentation (https://wiki.shibboleth.net/confluence/display/shib2/nativespjavainstall) explicitly stated ajp sends attributes prefix attributeprefix="ajp_"
, developer should not take shortcuts , enable sending auth attributes trough http headers (https://wiki.shibboleth.net/confluence/display/shib2/nativespspoofchecking)
i try retrieve attributes using
httpservletrequest req = (httpservletrequest) facescontext.getcurrentinstance() .getexternalcontext().getrequest(); enumeration<string> e = req.getattributenames();
but no matter try, no shibboleth attributes ever show up.
after 2 hours of trying find out doing wrong. tried retrieve attribute name using.
req.getattribute("uid");
and reason works. though "uid"
isn't listed in getattributenames();
it smells bug, or mistimed communication somewhere between ajp , spring or jsf...
Comments
Post a Comment