Access to peer endpoint via scripted attribute resolver

Dave Goldhammer dave.goldhammer at Colorado.EDU
Tue May 10 03:41:50 EDT 2016 

Hello, all. In the IdP (version 3.2.1, Java 1.7), I am attempting to
access the peer entity endpoint (URL) via an attribute resolver script.
I've currently been trying two variations. The first is as follows:

    logger.info("Endpoint: {} ", profileContext.getOutboundMessageContext().getSubcontext("org.opensaml.messaging.context").getEndpoint());

The error generated in idp-process.log is as follows:

> 
> 2016-05-10 01:07:08,044 - ERROR [net.shibboleth.idp.profile.impl.ResolveAttributes:257] - Profile Action ResolveAttributes: Error resolving attributes
> net.shibboleth.idp.attribute.resolver.ResolutionException: Attribute Definition 'testID': unable to execute script
>         at net.shibboleth.idp.attribute.resolver.ad.impl.ScriptedAttributeDefinition.doAttributeDefinitionResolve(ScriptedAttributeDefinition.java:169)
> Caused by: javax.script.ScriptException: sun.org.mozilla.javascript.internal.WrappedException: Wrapped java.lang.ClassNotFoundException: org.opensaml.messaging.context (<Unknown Source>#60)
> in <Unknown Source> at line number 60
>         at com.sun.script.javascript.RhinoCompiledScript.eval(RhinoCompiledScript.java:64)
> Caused by: sun.org.mozilla.javascript.internal.WrappedException: Wrapped java.lang.ClassNotFoundException: org.opensaml.messaging.context (<Unknown Source>#60)
>         at sun.org.mozilla.javascript.internal.Context.throwAsScriptRuntimeEx(Context.java:1808)
> Caused by: java.lang.ClassNotFoundException: org.opensaml.messaging.context
>         at org.apache.catalina.loader.WebappClassLoaderBase.loadClass(WebappClassLoaderBase.java:1313)
> 

The second attempt is:

    logger.info("Blah: {}", profileContext.getSubcontext("org.opensaml.saml.common.messaging.context.SAMLEndpointContext").getEndpoint());

The error in this case is as follows:

> 
> 2016-05-10 01:12:20,301 - ERROR [net.shibboleth.idp.profile.impl.ResolveAttributes:257] - Profile Action ResolveAttributes: Error resolving attributes
> net.shibboleth.idp.attribute.resolver.ResolutionException: Attribute Definition 'testID': unable to execute script
>         at net.shibboleth.idp.attribute.resolver.ad.impl.ScriptedAttributeDefinition.doAttributeDefinitionResolve(ScriptedAttributeDefinition.java:169)
> Caused by: javax.script.ScriptException: sun.org.mozilla.javascript.internal.EcmaError: TypeError: Cannot call method "getEndpoint" of null (<Unknown Source>#53) in <Unknown Source> at line
> number 53
>         at com.sun.script.javascript.RhinoCompiledScript.eval(RhinoCompiledScript.java:64)
> Caused by: sun.org.mozilla.javascript.internal.EcmaError: TypeError: Cannot call method "getEndpoint" of null (<Unknown Source>#53)
>         at sun.org.mozilla.javascript.internal.ScriptRuntime.constructError(ScriptRuntime.java:3770)
> 

In general, I'm able to successfully retrieve and log various other
things via the resolver script, for example HttpServletRequest info via
customObjectRef, requestContext.getPeerEntityId(), and the relying party
ID via a call to "profileContext", but I am struggling with the peer
endpoint.

Any assistance or advice would be greatly appreciated.
Thank you,

	-Dave

More information about the users mailing list