The Authentication SPI includes the AMPostAuthProcessInterface which can be implemented for post-processing tasks. The following are examples of post-processing tasks:
Adding attributes to a user’s session after successful authentication
Sending notification to an administrator after failed authentication
General clean-up such as clearing cookies after logout or logging out of other system components.
The Core Authentication Service contains the Authentication PostProcessing Class attribute which contains the authentication post-processing class name as its value. Custom post processing interfaces can also be implemented.
AMPostAuthProcessInterface can be implemented for post authentication processing on authentication success, failure and logout. The SPI is configurable at the organization , service and role levels. The Authentication Service invokes the post processing SPI methods on successful, failed authentication and logout.
The AMPostProcessInterface class has 3 methods:
Some supporting information on these methods is provided in the following sections. For a comprehensive listing and detailed information on all Access Manager methods, see the Javadoc installed in the following directory:
AccessManager-base/SUNWam/docs
This method should be implemented for post-processing after a successful authentication. Authentication Service will invoke this method on successful authentication.
Method signature is:
public void onLoginSuccess(Map requestParamsMap, HttpServletRequest request, HttpServletResponse response, SSOToken ssoToken) throws AuthenticationException;
where
requestParamaMap is a map containing HttpServletRequest parameters
request HttpServletRequest object
response HttpServletResponse object
com.sun.identity.authentication.spi.AuthenticationException is thrown on error.
This method should be implemented for post processing after a failed authentication. Authentication Service will invoke this method on failed authentication.
Method signature is:
public void onLoginFailure(Map requestParamsMap, HttpServletRequest request, HttpServletResponse response) throws AuthenticationException;
where
requestMap is a map containing HttpServletRequest parameters
request HttpServletRequest object
response HttpServletRequest object
com.sun.identity.authentication.spi.AuthenticationException is thrown on error.
This method should be implemented for post-processing on a logout request. Authentication Service will invoke this method on logout.
Method signature is:
public void onLogout(HttpServletRequest request, HttpServletResponse response, SSOToken ssoToken) throws AuthenticationException;
where
request HttpServletRequest object is a map containing HttpServletRequest parameters
response HttpServletResponse object
ssoToken authenticated user’s single sign on token
com.sun.identity.authentication.spi AuthenticationException is thrown on error.