STSRequest and STSResponse access using a JavaScript mapping rule
By using the Default Mapping STS Module and a JavaScript mapping rule, you can perform identity mapping. The mapping rule can access STSRequest and STSResponse objects.
The following two implicit objects and the classes required by these two objects can be exposed (for example, Java DOM, XML classes, and so on):
- STSRequest which represents the WS-Trust request
- STSResponse, which represents the WS-Trust response
Use JavaScript code stsrequest.getRequestSecurityToken().getBase() to get the input security token from the WS-Trust request. This returns the input security token as an instance of the Java class org.w3c.dom.Element.
Use JavaScript code stsresponse.getRequestSecurityTokenResponse().setRequestedSecurityToken (outputSecurityToken) to set the output security token in the WS-Trust response. The outputSecurityToken is the output security token represented as an instance of Java class org.w3c.dom.Element. By default, WS-Trust response contains only one output security token. To return additional output security tokens, we can use the following JavaScript code:
stsresponse.addRequestSecurityTokenResponse().setRequestedSecurityToken(outputSecurityToken)
The examples in the following topics show the mapping to and from a base64 encoded JSON string. They use the Default Mapping module with a JavaScript mapping rule. The JavaScript mapping rule accesses the STSRequest and STSResponse objects and performs the identity mapping.
- Mapping a base64 encoded JSON string to a SAML2 token example
We can map a base64 encoded JSON string to a SAML 2 token using a JavaScript mapping rule.- Mapping a SAML2 token to a base64 encoded JSON string example
We can map a SAML 2 token to a base64 encoded JSON string using a JavaScript mapping rule.
Parent topic: Configure STS modules