Additional params through ExternalAuthn LoginHandler

Cantor, Scott cantor.2 at
Tue Jul 29 12:44:39 EDT 2014

On 7/29/14, 12:30 PM, "snekse" <snekse at> wrote:

>1. Do I have any options for getting params to my servlet within the
>Shibbothleth framework?

Not dynamic ones, no. A fixed query string would probably carry across in
the redirect if it's in the config.

>2. The redirect to AuthnEngine is making me think the answer to #1 is no.
> If that's the case, any suggestions for hacks?

It depends what you're trying to do, but any information in the request to
the IdP is accessible from the login context via the API. Nothing else is
allowed to be used.

>3. Would using the UsernamePassword handler make this any easier?


>4. If the answer is no for all of the above, am I heading down the path
>of a custom ... thing?

No, because under no circumstances can you require a parameter from
outside, as that is non-conforming with SAML.

-- Scott

More information about the users mailing list