WSO2: Listener to hook into SAML authentication flow

Version: WSO2 Identity Server 5.4.1+

For audit purposes we wrote a UserOperationEventListener in order to hook into the authentication process by implementing doPostAuthenticate().

This captures API authentication and web login via form. Unfortunately the listener is not called when IS operates as a SAML SP to another 3rd party SAML IDP.

Question: Is there a Listener which is called when a SAML authentication is successful? Or is there another way to hook into the authentication flow to an external IDP?

Just an update in case anyone has the same requirements. We have now implemented an AuthenticationDataPublisher Listener which covers all session creation events. In addition to the above UserOperationEventListener, it covers:

  • Resource Owner Password Credential authentication
  • local authentication during code/implicit flows
  • login via upstream federated authentication, e.g. SAML, OIDC
  • SOAP admin API authentication
