HTTP Claims in Authsvc and InfoMap JavaScript Mapping Rules

Edit online

HTTP Request claims can be accessed by the Authsvc credential and InfoMap mapping rules by using the context variable that is defined by default in the Authsvc mapping rules.

If sps.httpRequestClaims.enabled (see SPS HTTP Request Claims) is true, then the header, cookie, and parameter values are available in the urn:ibm:security:request namespace of the request context.

The following example is an example for retrieving and logging HTTP headers from the request claims:

var headers = context.get(Scope.REQUEST, "urn:ibm:security:asf:request", "headers").toArray(); 
for (var i = 0; i < headers.length; i++) { 
    var name = headers[i]; 
    var value = context.get(Scope.REQUEST, "urn:ibm:security:asf:request:header", name); 
    IDMappingExtUtils.traceString("Header with name [" + name + "] and value [" + value + "]"); 
}

A similar code can be used to access cookies and query string parameters, providing values match the regex filter defined in the sps.httpRequestClaims.filterSpec (see SPS HTTP Request Claims)) advanced configuration parameter.