How to read and write shared state in the OpenAM Scripted Module

If you’ve used OpenAM for a while, you will probably know that it has a concept of shared state; a map of values that can be passed from one authentication module to the next in an authentication chain. You can use the iplanet-am-auth-store-shared-state-enabled and iplanet-am-auth-shared-state-enabled keywords to direct modules to put credentials into shared state, or read the credentials from shared state and try to use them.

If you have a scripted module in your OpenAM authentication chain,  you may want to pass credentials from the scripted module to other modules in the chain. Or you may want to access credentials that have been set in a preceding authentication module.

To read the username and password entered in a previous module in the authentication chain, you can use the following javascript in your server side authentication script:

//get username and password from shared state var someUserName = sharedState.get("javax.security.auth.login.name"); var somePassword = sharedState.get("javax.security.auth.login.password");

And to put a username and password into shared state:
//set the username and password for other authentication modules to use sharedState.put("javax.security.auth.login.password",someUserName); sharedState.put("javax.security.auth.login.password",somePassword);

This blog post was first published @ http://authntoz.blogspot.no/, included here with permission from the author.

©2019 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?