The SiteMinder SAML (1.x and 2.0) authentication schemes process response messages. For business reasons, for example, you might want to add additional steps to further process a response. The Message Consumer Extension API defines an interface that enables you to elaborate on the SAML response in two ways during the authentication process:
The Java MessageConsumerPlugin API implements the Message Consumer Extension (MCE) interface. You can code to your own requirements and then integrate the custom plug-in into CA SiteMinder® Federation Standalone.
The MessageConsumerPlugin class includes the following four methods:
|
Method |
Description |
|---|---|
|
init() |
Performs any initialization procedures that the plug-in requires. CA SiteMinder® Federation Standalone calls this method once for each plug-in instance, when the plug-in is loaded. |
|
release() |
Performs any rundown procedures that the plug-in requires. CA SiteMinder® Federation Standalone calls this method once for each plug-in instance, when CA SiteMinder® Federation Standalone is shutting down. |
|
postDisambiguateUser() |
Provides processing to disambiguate a user when the authentication scheme is unable to do so, or to add data for new federation users to a user store. Note that this method receives the decrypted assertion. The decrypted assertion is added to the properties map passed to MCP under the key “_DecryptedAssertion”. |
|
postAuthenticateUser() |
Provides any additional code to determine the final outcome of assertion processing, regardless of whether the policy server processing results in success or failure. |
CA SiteMinder® Federation Standalone provides the following samples of the Message Consumer plug-in class:
|
Copyright © 2014 CA.
All rights reserved.
|
|