Chain

Introduction

The chain authenticator orchestrates one or more authenticators that perform(s) the actual authentication.

The chain is complete when all (required) authenticators in the chain are completed.

A chain authenticator can be nested with Selectors and other chains.

Configuration

Authenticator type: Chain

Common Authenticator configuration can be found here.

Name

Description

Default

chain

List of defining the content and order of the chain. An empty chain will block the authentication and therefor at least one ref must be present.

[]

require_subject

Flag controlling if this authenticator requires a subject to be set before completing. Use only for nested chains.

true

proceed_on_error

Flag controlling how chain behaves on authenticator failure. If enabled, all authenticators in chain will be executed before error is raised (stealth behaviour).

true

require_chain

Flag specifying if this authenticator must be executed inside a chain.

false

verbose

Turns on extended trace logging. Use for troubleshooting only.

false

{
    "id" : "chain00",
    "type" : "Chain",
    "config" : {
      "base_path" : "/test/authn",
      "success_location" : "/authn/success.html",
      "failure_location" : "/authn/failure.html",
      "chain" : [ {
        "id" : "confirm00",
        "required" : true
      }, {
        "id" : "select00",
        "required" : true
      } ]
    }
  }

Authenticator refs

An authenticator ref points to an actual authenticator available in the current configuration.

Name

Description

Default

Mandatory

id

Authenticator id

required

Flag controlling if authenticator is required to complete or not. Authentication will fail if a required authenticator does not complete.

true

"chain" : [ 
  {
    "id" : "confirm00",
    "required" : true
  }, 
  {
    "id" : "select00",
    "required" : true
  }
 ]

API

API not available.

PreviousAuthController NextImpersonate