yup, I think I got that to work now.
Original Message:
Sent: Mon February 24, 2025 07:48 AM
From: Laurent LA Asselborn
Subject: Getting the original URL that triggered the step-up authentication
You can get a parameter (from the URL or from the POST body) by using this code:
var myparam = ''+context.get(Scope.REQUEST, "urn:ibm:security:asf:request:parameter", "myParam");
------------------------------
Laurent LA Asselborn
Original Message:
Sent: Mon February 24, 2025 07:23 AM
From: Narayan Verma
Subject: Getting the original URL that triggered the step-up authentication
Is this the code that needs to go in my mapping rule? Also, how do I get the dynamic value of URL from the querystring in my mapping rule code?
Thanks,
------------------------------
Narayan
Original Message:
Sent: Mon February 24, 2025 07:07 AM
From: Laurent LA Asselborn
Subject: Getting the original URL that triggered the step-up authentication
Hi Naryayan,
To set a macro in an infomap you have to insert code like this:
var url="https://...."
macros.put("@URL@", url);
By default, certain characters will be escaped.
If you don't want them to be escaped, you have to define your macro in the advanced property sps.page.notEscapedMacros
Kind regards
------------------------------
Laurent LA Asselborn
Original Message:
Sent: Mon February 24, 2025 06:49 AM
From: Narayan Verma
Subject: Getting the original URL that triggered the step-up authentication
I actually got the URL part working and received URL and AUTHNLEVEL in the query string e.g. &URL=%2Ficons%2FHRMISMain.gif&AUTHNLEVEL=4 by uncommenting URL and AUTHNLEVEL macros in the [local-response-macros] stanza. My next question is how do I access these values as macros in the template? When I use @URL@ or @AUTHNLEVEL@ in the template they are still blank.
Thanks,
------------------------------
Narayan
Original Message:
Sent: Mon February 24, 2025 06:20 AM
From: Narayan Verma
Subject: Getting the original URL that triggered the step-up authentication
Hi Andre, In my case I only see the TAM_OP=stepup querystring parameter but not the URL part. Is it governed by any configuration entry?
Thanks,
Narayan
------------------------------
Narayan
Original Message:
Sent: Mon February 24, 2025 03:09 AM
From: André Leruitte
Subject: Getting the original URL that triggered the step-up authentication
Hi Narayan,
When the user will be redirect to the LRR-uri, ISVA should automatically add a "URL" query param that will contain the original path:
/mga/sps/authsvc/policy/myInfoMapPolicy?TAM_OP=stepup&URL=/xxxxxx/myOriginalURL
------------------------------
André Leruitte
Security Architect
POST Luxembourg
Luxembourg
Original Message:
Sent: Sun February 23, 2025 09:14 PM
From: Narayan Verma
Subject: Getting the original URL that triggered the step-up authentication
I have an InfoMap mapping rule and template that is used inside an InfoMap policy. That policy is used for internal response-redirect in reverse proxy config file to process the step-up authentication. Is there a way to capture the original URL that triggered the step-up authentication? E.g.
/objectA - requires level 2 pop
/objectB - requires level 3 pop
reverse proxy entry:
enable-local-response-redirect = yes
local-response-redirect-uri = [stepup] /mga/sps/authsvc/policy/myInfoMapPolicy
How can I access the original path (/objectA vs objectB) in my template or mapping rule that supports myInfoMapPolicy? Is there a macro available (please share a sample) or any other techniques for getting this runtime value?
Thanks,
Narayan
------------------------------
Narayan
------------------------------