ROUTER_CONFIGURATIONS
Note
In this section, it's possible to configuration certain aspects of the main application router (for incoming HTTP requests).
Properties
| Property name | Description | Allowed/default values | Mandatory |
|---|---|---|---|
| id | Unique id of the entry | Yes | |
| routerId | Id of the router | Yes | |
| rewriteRules | Array of rewrite rules | No | |
| conditionExecutorPoolSize | For ex. conditional rewrite rules, conditions may be written (script) - they are executed on a worker pool, and this setting dictates the maximum number of parallel executing conditions (scripts) | 4 | No |
Router Id
Currently, there is only one known router id: applicationRouter. By specifying applicationRouter for one configuration entry, the main application router can be configured.
Rewrite rules
| Property name | Description | Allowed/default values | Mandatory |
|---|---|---|---|
| matchPathPattern | The pattern to match against the path-component of the URI. Interpreted as a regular expression if matchPathPatternIsRegex is matchPathPatternIsRegex |
Yes | |
| replacePathPattern | In case the rule matched, replace the matched part of the URI with this pattern. If matchPathPatternIsRegex is true, it's treated as a regular expression pattern, which allows for ex. back-references |
Yes | |
| matchPathPatternIsRegex | If matchPathPattern should be treated as plain text (false) or as a regular expression (true) |
false | No |
| replacePathPatternIsRegex | If replacePathPattern should be treated as plain text (false) or as a regular expression pattern (true) |
false | No |
| expressionCondition | A conditional expression to evaluate (Javascript) - in case matchPathPattern has matched, this script will then be executed. If the expression returns "true", the rule is considered to have matched.This can be used to ex. make conditional URI rewrites for certain SAML2 SPs or similar. |
No | |
| parseBody | In case expressionCondition has been configured, attempts will be made to parse the HTTP request body, if applicable, for ex. SAML2 Authn requests. |
||
| useEntityIDAlias | Which (if any) entityID-alias should be used by the SAML IdP that this redirect might lead to | No | |
| useAssertionProfile | Which (if any) assertion profile should be used by the SAML IdP that this redirect might lead to | No |
Expression Condition
This is a Javascript expression that will be evaluated. The following variables are accessible:
request- data about the incoming HTTP requestspId- ifparseBodyis true, and there was an SAML2 Authn request in the HTTP request, the SP id in the Authn request is available in this variable, otherwise it'snull
Note
There's a small performance cost associated with evaluating the expression, attempt to use as narrow patterns as possible to avoid matching irrelevant requests.
Parse Body
In case an expression condition has been configured, the body of the incoming request will be parsed, if applicable, for ex. incoming SAML2 Authn requests.
Warning
Make sure that the matchPathPattern does not match against file upload-requests when parseBody is enabled - if the body of an incoming request has been parsed, file uploads for the request won't work.
Example
For a complete example of how to use the rewrite rules, see the article about providing a seamless upgrade of the authentication