IBM Verify


Ability to use predefined values in InfoMap templates

  • 1.  Ability to use predefined values in InfoMap templates

    Posted Tue August 20, 2024 03:53 PM

    Hi, is there a way to reuse pre-defined string values like %PKMSPUBLIC% or %CREDATTR{tagvalue_session_index}% in an InfoMap template? I have seen these being available in login.html/certlogin.html/stepuplogin.html, but is there a way to access them in an InfoMap template, just like the pre-defined or custom-defined macros can be used?

    Please advise.



    ------------------------------
    Narayan Verma
    ------------------------------


  • 2.  RE: Ability to use predefined values in InfoMap templates

    Posted Wed August 21, 2024 04:26 PM

    Any pointers on this? Specifically, I am trying to access the macros listed at https://www.ibm.com/docs/en/sva/10.0.7?topic=modification-macro-resources-customizing-response-pages in an InfoMap template file, either directly or by accessing its value from a mapping rule and sending it to the template. Is that possible, and what's the recommended approach?

    Thanks,

    Narayan



    ------------------------------
    Narayan Verma
    ------------------------------



  • 3.  RE: Ability to use predefined values in InfoMap templates

    Posted Wed August 21, 2024 04:37 PM

    Hello Narayan,

    Those macros are only available in Reverse Proxy management pages.

    They are not available in an Infomap context.



    ------------------------------
    JACK YARBOROUGH
    ------------------------------



  • 4.  RE: Ability to use predefined values in InfoMap templates

    Posted Wed August 21, 2024 04:47 PM

    Thank you Jack!  Are there any alternatives or workarounds to getting the equivalent values for use in InfoMap templates?



    ------------------------------
    Thanks,
    Narayan
    ------------------------------



  • 5.  RE: Ability to use predefined values in InfoMap templates

    Posted Thu August 22, 2024 08:43 AM

    Hi Narayan, 

    I think you're looking to read attributes out of the credential, you can do that in an authenticated session in an infomap using this method:
    This won't work for an authenticated Reverse Proxy Session, i.e., if you haven't completed the login flow and the Reverse Proxy hasn't built the credential.

    var result = context.get(Scope.REQUEST,"urn:ibm:security:asf:request:token:attribute", "AUTHENTICATION_LEVEL");


    This would extract the value "AUTHENTICATION_LEVEL" into a variable, which you can then use with the standard Macro setting in a custom HTML page.

    You can use the cred viewer local-app to find the attribute name you want. 



    ------------------------------
    Philip Nye
    Senior Product Manager - IBM Verify
    ------------------------------



  • 6.  RE: Ability to use predefined values in InfoMap templates

    Posted Sun August 25, 2024 02:42 PM

    Thank you Philip!

    Is there a way to get the user's LDAP attributes like CN, mobile, email etc as well?  They don't seem to be populated in the context at all.

    Thanks,

    Narayan



    ------------------------------
    Thanks,
    Narayan
    ------------------------------



  • 7.  RE: Ability to use predefined values in InfoMap templates

    Posted Mon August 26, 2024 01:48 AM

    Hey Narayan, 

    It's very dependent on whether they are in the credential already.
    Are they in there?
    Use the Credential Viewer to see what's in the authenticated credential.

    https://philipnye.com/2024/08/15/quick-demo-junction-and-credential-viewer/
    (Second part of the article). 

    If you authenticate natively in the reverse proxy, or you've completed a FULL authentication service flow, then the Reverse Proxy will have collected these extra attributes and they will be in the request token. 


    Alternatively, I think you can also find them in the context if you've used the U/P mechanism in the same flow, but you'll note in the mechanisms configuration, it puts it in a different spot. 


    You might need to check a different scope though. 
    var dest = context.get(Scope.SESSION, "<Attribute Namespace>", "<Attribute ID>");

    Let me know how you go



    ------------------------------
    Philip Nye
    Senior Product Manager - IBM Verify
    ------------------------------



  • 8.  RE: Ability to use predefined values in InfoMap templates

    Posted Mon August 26, 2024 08:32 AM

    These values are available on the creds/ivcreds page as below:

    All these calls register null in the logs with the REQUEST scope as well as SESSION scope:

    debugLog("cn: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "cn"));
    debugLog("mobileNumber: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "mobileNumber"));
    debugLog("mobile: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "mobile"));
    debugLog("emailAddress: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "emailAddress"));
    debugLog("mail: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "mail"));

    debugLog("tagvalue_cn: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "tagvalue_cn"));
    debugLog("tagvalue_mail: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "narayan_verma@ao.uscourts.gov"));
    debugLog("mobileNumber: " + context.get(Scope.REQUEST, "urn:ibm:security:asf:response:attribute", "mobileNumber"));

    User is authenticated first by U/P and then stepped up using a certificate.

    My reverse proxy config file entries are listed below:

    [TAM_CRED_ATTRS_SVC:eperson]
    #original values
    emailAddress = mail
    mobileNumber = mobile
    #original values
    #new values
    tagvalue_mail = mail
    tagvalue_uniqueidentifier = uniqueidentifier
    tagvalue_sn = sn
    tagvalue_givenName = givenName
    tagvalue_displayName = displayName
    tagvalue_telephoneNumber = telephoneNumber
    tagvalue_cn = cn
    voicePhone = voicePhone
    textPhone = textPhone
    #new values


    ------------------------------
    Thanks,
    Narayan
    ------------------------------



  • 9.  RE: Ability to use predefined values in InfoMap templates
    Best Answer

    Posted Mon August 26, 2024 09:26 PM

    You need to make sure you're looking in the right namespace:

    urn:ibm:security:asf:request:token:attribute

    In your code above, you're looking in the response:token:attribute. 



    ------------------------------
    Philip Nye
    Senior Product Manager - IBM Verify
    ------------------------------



  • 10.  RE: Ability to use predefined values in InfoMap templates

    Posted Tue August 27, 2024 12:03 PM

    Thank you Philip! I was able to get mobileNumber, emailAddress, and tagvalue_cn attributes for users authenticating with either the u/p or Kerberos mechanisms after using the above namespace.



    ------------------------------
    Thanks,
    Narayan
    ------------------------------
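
The lookup pattern from posts 5 and 9, as an added example that is not code from the posters or from IBM: read credential attributes from the request token namespace, handle the null case, and hand the values to a template as macros. `Scope`, `makeContext` and the `macros` object are constructed stand-ins so the block runs under Node; the `@NAME@` macro names, the sample attribute values and the HTML-escaping step are assumptions.

```javascript
// Added example. Scope, makeContext and the macros object in demo() are constructed
// stand-ins for what the InfoMap runtime injects; a real mapping rule omits them.
var TOKEN_NS = "urn:ibm:security:asf:request:token:attribute"; // namespace from the accepted answer
var RESPONSE_NS = "urn:ibm:security:asf:response:attribute";   // namespace that logged null in the thread
var Scope = { REQUEST: "REQUEST", SESSION: "SESSION" };

// Constructed sample credential: only the request token namespace holds attributes.
function makeContext(tokenAttrs) {
  return {
    get: function (scope, ns, id) {
      var hit = scope === Scope.REQUEST && ns === TOKEN_NS &&
        Object.prototype.hasOwnProperty.call(tokenAttrs, id);
      return hit ? tokenAttrs[id] : null;
    }
  };
}

// Assumption: the template inserts macro text as-is, so escape directory data first.
function htmlEscape(value) {
  var map = { "&": "&amp;", "<": "&lt;", ">": "&gt;", '"': "&quot;", "'": "&#39;" };
  return String(value).replace(/[&<>"']/g, function (c) { return map[c]; });
}

// Publish each credential attribute as @NAME@ and return the names that were absent.
function publishCredentialMacros(context, macros, attrNames) {
  var missing = [];
  attrNames.forEach(function (name) {
    var raw = context.get(Scope.REQUEST, TOKEN_NS, name);
    var present = raw !== null && raw !== undefined;
    if (!present) { missing.push(name); } // no credential yet, or attribute not mapped
    macros.put("@" + name.toUpperCase() + "@", present ? htmlEscape(raw) : "");
  });
  return missing;
}

function demo() {
  var context = makeContext({ tagvalue_cn: "Test <b>User</b>", emailAddress: "user@example.com" });
  var out = {};
  var macros = { put: function (k, v) { out[k] = v; } };
  var missing = publishCredentialMacros(context, macros,
    ["tagvalue_cn", "emailAddress", "mobileNumber"]);
  return {
    macros: out,
    missing: missing,
    wrongNamespace: context.get(Scope.REQUEST, RESPONSE_NS, "tagvalue_cn")
  };
}
```

Logging the returned `missing` list shows whether a null comes from an attribute that is not in the credential or from a lookup made before the Reverse Proxy has built one.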