Chain

Introduction

The chain authenticator orchestrates one or more authenticators that perform(s) the actual authentication.

The chain is complete when all (required) authenticators in the chain are completed.

A chain authenticator can be nested with Selectors and other chains.

Configuration

Authenticator type: Chain

Common Authenticator configuration can be found here.

Name Description Default

Name	Description	Default
`chain`	List of authenticator refs defining the content and order of the chain. An empty chain will block the authentication and therefor at least one ref must be present.	`[]`
`require_subject`	Flag controlling if this authenticator requires a subject to be set before completing. Use only for nested chains.	`true`
`proceed_on_error`	Flag controlling how chain behaves on authenticator failure. If enabled, all authenticators in chain will be executed before error is raised (stealth behaviour).	`true`

chain

List of authenticator refs defining the content and order of the chain. An empty chain will block the authentication and therefor at least one ref must be present.

[]

require_subject

Flag controlling if this authenticator requires a subject to be set before completing. Use only for nested chains.

true

proceed_on_error

Flag controlling how chain behaves on authenticator failure. If enabled, all authenticators in chain will be executed before error is raised (stealth behaviour).

true

{
    "id" : "chain00",
    "type" : "Chain",
    "config" : {
      "base_path" : "/test/authn",
      "success_location" : "/authn/success.html",
      "failure_location" : "/authn/failure.html",
      "chain" : [ {
        "id" : "confirm00",
        "required" : true
      }, {
        "id" : "select00",
        "required" : true
      } ]
    }
  }

Authenticator refs

An authenticator ref points to an actual authenticator available in the current configuration.

Name Description Default Mandatory

Name	Description	Default	Mandatory
`id`	Authenticator id
`required`	Flag controlling if authenticator is required to complete or not. Authentication will fail if a required authenticator does not complete.	`true`

id

Authenticator id

required

Flag controlling if authenticator is required to complete or not. Authentication will fail if a required authenticator does not complete.

true

"chain" : [ 
  {
    "id" : "confirm00",
    "required" : true
  }, 
  {
    "id" : "select00",
    "required" : true
  }
 ]

API

API not available.

PreviousAuthController NextImpersonate

Last updated 1 year ago