SSO Authentication OK Response
note
This service type is for dynamic Groovy services only.
Provides an SSO authentication response script that can render the HTTP response when this is required to perform login flow customization.
If the script writes directly to the HTTP servlet response object, it returns false
to indicate to the SSO Auth Filter that request processing has been completed.
This script is configured via the Security Manager SSO Auth Filter tab.
Script Interface
/** Provides a Groovy script successful authentication event handler which can optionally
write to the Servlet response and return false to signal that the request processing has been completed.
Script parameters include:
request : <a target="_blank" href="http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletRequest.html">HttpServletRequest</a>
response : <a target="_blank" href="http://docs.oracle.com/javaee/7/api/javax/servlet/http/HttpServletResponse.html">HttpServletResponse</a>
portal : <a target="_blank" href="../../javadoc/com/avoka/fc/core/entity/Portal.html">Portal</a>
securityManager : <a target="_blank" href="../../javadoc/com/avoka/fc/core/entity/SecurityManager.html">SecurityManager</a>
Script return:
true to continue processing, or false to signal request processing has completed : boolean
Script throws:
redirect exception to redirect to an external page : <a target="_blank" href="../../javadoc/com/avoka/fc/core/servlet/RedirectException.html">RedirectException</a>
*/
return true
Service Invoke Parameters
Parameters are optional except where otherwise indicated.
Parameter | Description |
---|---|
request | HttpServletRequest Required. A HTTP servlet request. |
response | HttpServletResponse Required. The response to the HTTP servlet request. |
portal | Portal (com.avoka.fc.core.entity.Portal )Required. The portal associated with the user's request. |
securityManager | SecurityManager (com.avoka.fc.core.entity.SecurityManager )Required. A SecurityManager configuration entity. |
Error Handling
This Groovy script is executed by the SSOAuthenticationFilter
(com.avoka.fc.core.security.SSOAuthenticationFilter
). This script can redirect to another resource if required using a RedirectException
(com.avoka.fc.core.servlet.RedirectException
).
If there is a different system authentication error, the script can throw an AuthenticationException
. The SSOAuthenticationFilter
will then clear the SecurityContextHolder
and set the exception in the request attribute WebAttributes.AUTHENTICATION_EXCEPTION
.