Dispatch
Warning
This authenticator is a legacy authenticator. It is recommended to plan for migrating the authenticator to the new protocol agnostic authenticator architecture. More information about the legacy authenticators can be found here.
Note
Used when there are multiple authentication possibilities. The dispatcher will, based on incoming data, select the appropriate route the user to the correct authentication.
The first authenticator with a matching expression will be selected.
Properties
| Name | Description | Default value | Mandatory |
|---|---|---|---|
| idpID | The internal identifier of the idp used | N/A | Yes |
| mapping | An array of mapping rules used to determine which authenticator should handle the incoming request. Matching rules contains of java script expressions. | N/A | Yes |
| sendSAMLResponseOnError | Whether or not a SAMLResponse containing an error response should be sent back to the SP upon an internal authentication error. | false | No |
| strictValidation | Whether or not additional validation checks should be made on the SAMLRequest. | false | No |
| resolveSAMLRequestProperties | Whether or not request properties from the SAML AuthnRequest should be resolved before proceeding with the authentication. Typically used at the start of an authentication flow. | false | No |
Example Configuration
{
"alias": "samldispatch",
"name": "Dispatch",
"configuration": {
"idpID": "idp",
"mapping": [{
"expression": "!request.getParameter('remoteAddress').startsWith('192.168.1')",
"authenticator": "auth1"
},
{
"expression": "request.getParameter('remoteAddress').startsWith('192.168.1')",
"authenticator": "auth2"
}
]
}
}
Requirements
One or more SAML authenticator configured.