Custom saml authentication handler service in AEM 6.3 is in satisfied state
Hi smacdonald2008, Please see the screenshots of bundle and OSGI component below.
And the code is as below. For now, I have just included the configuration alone, still it is in satisfied state.
package org.project.auth.saml;
import org.apache.sling.auth.core.spi.AuthenticationHandler;
import org.osgi.framework.Constants;
import org.osgi.service.component.annotations.Component;
import org.osgi.service.component.annotations.ConfigurationPolicy;
import org.osgi.service.metatype.annotations.AttributeDefinition;
import org.osgi.service.metatype.annotations.Designate;
import org.osgi.service.metatype.annotations.ObjectClassDefinition;
import com.adobe.granite.auth.saml.SamlAuthenticationHandler;
@Component(name="org.project.auth.saml.CustomAuthenticationHandler" ,immediate=true,
service=AuthenticationHandler.class,
configurationPolicy=ConfigurationPolicy.REQUIRE,
property={
Constants.SERVICE_DESCRIPTION+"=Custom SAML 2.0 Authentication Handler",
Constants.SERVICE_VENDOR+"=",
AuthenticationHandler.PATH_PROPERTY+"=/",
"token.expire=10080",
Constants.SERVICE_RANKING+"=20001",
AuthenticationHandler.TYPE_PROPERTY+"=SAML"
})
@Designate(ocd=CustomAuthenticationHandler.Configuration.class)
public class CustomAuthenticationHandler extends SamlAuthenticationHandler {
@ObjectClassDefinition(name = "Custom SAML 2.0 Authentication Handler", description = "Service Configuration")
public @interface Configuration {
@AttributeDefinition(
name = "Path",
description = "Repository path for which this authentication handler should be used by Sling."+
"If this is empty, the authentication handler will be disabled." ,
defaultValue=""
)
String path();
@AttributeDefinition(
name = "token.expire.name",
description = "token.expire.description" ,
defaultValue=""
)
String token_expire();
@AttributeDefinition(
name = "Service Ranking",
description = "OSGi Framework Service Ranking value to indicate the order in which to call this service."+
" This is an int value where higher values designate higher precedence. Default value is 0." ,
defaultValue=""
)
String service_ranking();
@AttributeDefinition(
name = "IDP URL",
description = "URL of the IDP where the SAML Authentication Request should be sent to."+
"If this property is empty the authentication handler is disabled." ,
defaultValue=""
)
String idpUrl();
@AttributeDefinition(
name = "IDP HTTP Redirect",
description = "Use an HTTP Redirect to the IDP URL instead of sending an AuthnRequest-message to request credentials."+
"Use this for IDP initiated authentication."
)
boolean idpHttpRedirect() default false;
@AttributeDefinition(
name = "Service Provider Entity ID",
description = "ID which uniquely identifies this service provider with the identity provider."+
"If this property is empty the authentication handler is disabled.",
defaultValue=""
)
String serviceProviderEntityId();
@AttributeDefinition(
name = "Default Redirect",
description = "The default location to redirect to after successful authentication.",
defaultValue="/"
)
String defaultRedirectUrl();
@AttributeDefinition(
name = "loginSuffix.name",
description = "loginSuffix.description",
defaultValue="/"
)
String loginSuffix();
@AttributeDefinition(
name = "UserID Attribute",
description = "The name of the attribute containing the user ID used to"+
"authenticate and create the user in the CRX repository. Leave empty to use the Subject:NameId. ",
defaultValue="uid"
)
String userIDAttribute();
@AttributeDefinition(
name = "Use Encryption",
description = "Whether or not this authentication handler expects encrypted SAML assertions."+
"If this is enabled an RSA key pair must be provided at /etc/key/saml. "
)
boolean useEncryption() default true;
@AttributeDefinition(
name = "Autocreate CRX Users",
description = "Whether or not to autocreate nonexisting users in the repository. (createUser)"
)
boolean createUser() default true;
@AttributeDefinition(
name = "Add to Groups",
description = "Whether or not a user should be autmatically added to CRX groups after successful authentication."
)
boolean addGroupMemberships() default true;
@AttributeDefinition(
name = "Group Membership",
description = "The name of the attribute containing a list of CRX groups this user should be added to. ",
defaultValue="groupMembershipAttribute"
)
String groupMembershipAttribute();
@AttributeDefinition(
name = "Default Groups",
description = "A list of default CRX groups users are added to after successful authentication."
)
String[] defaultGroups();
@AttributeDefinition(
name = "Synchronized Attributes",
description = "A list of attribute mappings (in the format 'attributename=path/relative/to/user/node')"+
" which should be stored in the repository on user-synchronization"
)
String[] synchronizeAttributes();
@AttributeDefinition(
name = "NameIDPolicy Format",
description = "The value of the NameIDPolicy format parameter to send in the AuthnRequest message",
defaultValue="urn:oasis:names:tc:SAML:2.0:nameid-format:transient"
)
String nameIdFormat();
@AttributeDefinition(
name = "Handle Logout"
)
boolean handleLogout() default false;
@AttributeDefinition(
name = "Logout URL"
)
String logoutUrl();
}
}
