This filter will validate attribute mapping policies in requests to the origin service.

The origin service is expected to be an Identity service. This filter will only take action if the HTTP request method is PUT.

General filter information

  • Name: attribute-mapping-policy-validation

  • Released: v8.6.0.0

  • Bundle: repose-extensions-filter-bundle

This filter has no configuration.

Prerequisites & Postconditions

Required headers

  • Content-Type - Declares the content type of the policy (e.g., XML or JSON) which will be used during validation.

Required preceding filters

None.

Request headers created

None.

Request body changes

All requests that make it through this filter will have their respective bodies replaced by a normalized version of the original body. In some cases, the request body may not change.

  • SAML Policy Translation Filter - These two filters work well together to provide mechanisms for attribute mapping policy management and application.

Response body changes

None.

Response headers created

None.

Response Status Codes

Table 1. Status Codes
Status Code Reasons

400

  • If the policy fails validation.

415

  • If the Content-Type is neither XML nor JSON, and therefore, the policy cannot be validated.

Additional Information

Since this filter will act on all requests it receives, it is recommended to only add this filter to the filter chain for endpoints that expect an attribute mapping policy body. The System Model provides a mechanism to construct conditional filter chains based on the request URI.