Using the Shibboleth Shim Filter

Note: This documentation is still a little rough...

The Shib Shim filter passes the Shibboleth attributes to the application in two ways:

  • As HTTP headers, available via the usual HttpServletRequest methods.
  • As a session object Map, containing the values. This is the only way to get access to the configuration and other special attributes.

The attributes consist of any Shibboleth attributes mapped in the properties file, plus a few special attributes listed below.

Special attributes

config-application

The name of the Shibboleth Shim application.

config-attributes

The Shibboleth Shib XML document containing the attributes.

config-authenticationinstant

The date and time of the user's authentication.

config-currenttime

The current date and time.

config-handle

The session ID identifying the session in this application. This will be an arbitrary handle, generated by the Shibboleth Shim server.

config-issueinstant

The date and time that Shibboleth issued the assertion.

config-issuer

The REFERRER value for the Shibboleth Identity Provider.

config-lasttime

The date and time page was last loaded in this session.