Skip to main content

Version: 21.11

SSO Authentication OK Response

note

This service type is for dynamic Groovy services only.

Provides an SSO authentication response script that can render the HTTP response when this is required to perform login flow customization.

If the script writes directly to the HTTP servlet response object, it returns false to indicate to the SSO Auth Filter that request processing has been completed.

This script is configured via the Security Manager SSO Auth Filter tab.

Script Interface

/** Provides a Groovy script successful authentication event handler which can optionally 
write to the Servlet response and return false to signal that the request processing has been completed.

Script parameters include:
request : <a target="_blank" href="http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html">HttpServletRequest</a>
response : <a target="_blank" href="http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletResponse.html">HttpServletResponse</a>
portal : <a target="_blank" href="../../javadoc/com/avoka/fc/core/entity/Portal.html">Portal</a>
securityManager : <a target="_blank" href="../../javadoc/com/avoka/fc/core/entity/SecurityManager.html">SecurityManager</a>

Script return:
true to continue processing, or false to signal request processing has completed : boolean

Script throws:
redirect exception to redirect to an external page : <a target="_blank" href="../../javadoc/com/avoka/fc/core/servlet/RedirectException.html">RedirectException</a>
*/

return true

Service Invoke Parameters

Parameters are optional except where otherwise indicated.

ParameterDescription
requestHttpServletRequest
Required. A HTTP servlet request.
responseHttpServletResponse
Required. The response to the HTTP servlet request.
portalPortal (com.avoka.fc.core.entity.Portal)
Required. The portal associated with the user's request.
securityManagerSecurityManager (com.avoka.fc.core.entity.SecurityManager)
Required. A SecurityManager configuration entity.

Error Handling

This Groovy script is executed by the SSOAuthenticationFilter (com.avoka.fc.core.security.SSOAuthenticationFilter). This script can redirect to another resource if required using a RedirectException (com.avoka.fc.core.servlet.RedirectException).

If there is a different system authentication error, the script can throw an AuthenticationException. The SSOAuthenticationFilter will then clear the SecurityContextHolder and set the exception in the request attribute WebAttributes.AUTHENTICATION_EXCEPTION.