IDPv3 X509Auth - accessing certificate

Emilio Penna emilio.penna at seciu.edu.uy
Tue Dec 15 18:29:18 EST 2015


Hi, I configured IdP v3 for x509 authn, and works OK.

Now I'm trying to access the certificate in a scripted attribute, so I 
can then extract some aditional information.

The question:  how can I access the certificate in a script in the 
attribute resolver?

I see that net.shibboleth.idp.authn.impl.X509AuthServlet sets the 
certificate in
subject.getPublicCredentials().add(cert)
httpRequest.setAttribute(ExternalAuthentication.SUBJECT_KEY, subject)

My first idea is try to access the httpRequest and get that 
publicCredentials, In "Accessing other information" in 
https://wiki.shibboleth.net/confluence/display/IDP30/ScriptedAttributeDefinition
it mentions the possibility to access HTTP information, but I can't see 
clearly how to access it in a script.

thanks in advance
Emilio


More information about the users mailing list