Shibboleth IDP Upgrade: v2 to v3 and Existing Login and Profile Handlers

Jeremy Torres jeremy.torres at
Tue Sep 11 19:57:40 EDT 2018

Thanks for the clarification, Scott.

It appears my extension of the AbstractUsernamePasswordValidationAction and
injecting the shibboleth.HttpServletRequest bean will enable me to check
for the presence of my custom request param.

I would like to utilize the default "password" flow; however, I need check
for the existence of a request parameter to check an backend service
_before_ the login page would be presented.  Is this possible with a custom
"action", or would this require a custom login flow?

On Tue, Sep 11, 2018 at 5:43 PM Cantor, Scott <cantor.2 at> wrote:

> > * I've looked at using an extension of the
> > AbstractUsernamePasswordValidationAction to utilize the default password
> > login flow; however, it's unclear to me how to gain access to the "raw"
> > request parameter map, via the ProfileRequestContext or
> > AuthenticationContext
> Inject the shibboleth.HttpServletRequest bean into your object,
> p:httpServletRequest-ref="shibboleth.HttpServletRequest".
> All action beans that inherit from our classes, including that base class,
> have a property for it predefined.
> > * I looked into a v3 Profile Intercept; however, this doesn't appear to
> the
> > mechanism to do this.
> No, that's not authentication.
> >  If the default "password" flow is
> > configured, does one have access to the UsernamePassword sub context,
> > accessible through the ProfileRequestContext?
> External and Password are different, unrelated login flows, they don't
> compose. Password is for password validation with the IdP's UI to handle
> collecting it, and External is for "do whatever you want in a servlet" and
> you are responsible for the UI. Two different things.
> -- Scott
> --
> For Consortium Member technical support, see
> To unsubscribe from this list send an email to
> users-unsubscribe at
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <>

More information about the users mailing list