I'm able to successfully set up WebSphere to authenticate with an IdP and access the web resource as expected. But now my application needs the claims/assertions/attributes available in the SAML token/response to proceed further. What is the best option available to access the SAML response/attributes inside my Java application?
I want to add to the previous answer. For WebSphere Application Server, if you are using the already available WebsphereSamlSP application as the SP, then you can use the following code inside the handleRedirect() method of IBMWebpshereSamlACSListenerServlet to get the SAML attributes. Or use this in your custom SP code.
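    import java.security.AccessController;
    import java.security.PrivilegedAction;
    import java.util.Iterator;
    import java.util.List;
    import com.ibm.websphere.wssecurity.wssapi.token.SAMLToken;
    import com.ibm.wsspi.wssecurity.saml.data.SAMLAttribute;

    // `subject` is the authenticated javax.security.auth.Subject and `logger`
    // is the class logger; both must already be in scope.
    // The SAMLToken is held as a private credential of the subject, so it is
    // read inside a privileged block. The action throws no checked exception,
    // so PrivilegedAction is used instead of PrivilegedExceptionAction.
    SAMLToken samlToken = AccessController.doPrivileged(
            new PrivilegedAction<SAMLToken>() {
                public SAMLToken run() {
                    Iterator<SAMLToken> authIterator = subject
                            .getPrivateCredentials(SAMLToken.class)
                            .iterator();
                    // Return the first SAMLToken, or null if there is none
                    return authIterator.hasNext() ? authIterator.next() : null;
                }
            });

    // Log attribute names and values (attribute values can contain personal data)
    if (samlToken != null) {
        List<SAMLAttribute> attributes = samlToken.getSAMLAttributes();
        if (attributes != null && !attributes.isEmpty()) {
            for (SAMLAttribute attr : attributes) {
                logger.debug(attr.getName());
                String[] values = attr.getStringAttributeValue();
                if (values != null) {
                    for (String value : values) {
                        logger.debug(value);
                    }
                }
            }
        }
    }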