Look Up Outbound Secure Conversation Session Assertion
gateway90
The
Look Up Outbound Secure Conversation Session
assertion is used to look up an outbound secure conversation session that has been mapped to the authenticated user and the back-end service on which the secure conversation session is established.This assertion succeeds if at least one unexpired session is found. This assertion fails if no sessions are found or only expired sessions are found.
To learn about selecting the target message for this assertion, see Select a Target Message.
Context Variables Created by This Assertion
The Look Up Outbound Secure Conversation Session assertion sets the following context variable that contains all information about the session:
<prefix>
.session
Where:
- <prefix>is defined in the assertion properties (default:scLookup)
- specific attributes about the outbound secure conversation session can be retrieved by using:
<prefix>
.session.
<attribute>
For example, to access the session identifier, use
${
<prefix>
.session.id}
.Attribute | Description |
id | The session identifier |
user | The authenticated user |
To access specific attributes about the user, use the syntax: <prefix> .session.user. <user_attribute> | |
providerId | The user's Identity Provider ID |
id | The user's identifier |
login | The user's login ID |
firstName | The user's first name |
lastName | The user's last name |
email | The user's email address |
department | The user's department |
subjectDn | The user's X.509 subject DN |
creation | The session creation time |
expiration | The session's expiration time |
scNamespace | The namespace of WS-Secure Conversation |
Using the Assertion
- Do one of the following:
- To add the assertion to the Policy Development window, see Add an Assertion.
- To change the configuration of an existing assertion, proceed to step 2 below.
- Right-clickin the policy window and select<target>:Look Up Outbound Secure Conversation Session to<service URL>Outbound Secure Conversation Session Lookup Propertiesor double-click the assertion in the policy window. The assertion properties are displayed.
- Enter theService URL. This is the URL of the back-end service that will issue the security context token.
- Enter a prefix that will be added to the context variables created by this assertion. This prefix will ensure uniqueness and will prevent the variables from overwriting each other when multiple instances of this assertion appear in a policy.The default variable prefix isscLookup.For an explanation of the validation messages displayed, see Context Variable Validation.
- Click [OK].