Access to peer endpoint via scripted attribute resolver

Cantor, Scott cantor.2 at
Tue May 10 09:33:29 EDT 2016

> Hello, all. In the IdP (version 3.2.1, Java 1.7), I am attempting to
> access the peer entity endpoint (URL) via an attribute resolver script.
> I've currently been trying two variations. The first is as follows:

org.opensaml.messaging.context is not a context class type.

> The second attempt is:
>"Blah: {}",
> profileContext.getSubcontext("org.opensaml.saml.common.messaging.cont
> ext.SAMLEndpointContext").getEndpoint());

And that context isn't located beneath the PRC.

> In general, I'm able to successfully retrieve and log various other
> things via the resolver script, for example HttpServletRequest info via
> customObjectRef, requestContext.getPeerEntityId(), and the relying party
> ID via a call to "profileContext", but I am struggling with the peer
> endpoint.

profileContext.getInboundMessageContext() is the root of the tree you want. I don't recall offhand where the SAMLEndpointContext is in the tree.

I'm not sure why you'd want to access this, but it probably would not be a good idea. You should absolutely not be basing any policy on it, that's for certain.

-- Scott

More information about the users mailing list