Skip to main content

The most recent patch for this version is 5.0.2.  Learn more  

Version: 5.0

Configuration

The HTTP Attribute Connector configuration is XML-based. The schema for the configuration is called http.config.xsd and can be used to generate a sample configuration XML file. The HTTP Attribute Connector supports mutual TLS as well as adding static and dynamic HTTP headers.

With the release of HTTP Attribute Connector 5.0.0, Axiomatics introduced crucial improvements and fixes over HTTP-PIP while keeping the core functionality same. The Attribute Connector name displayed in the UI of Axiomatics Services Manager is changed and the Authorization domain className is updated.

It is suggested switching to the new HTTP Attribute Connector 5.0.0 by creating it from scratch and copy-pasting your existing configuration.

note

It is possible to use your existing older HTTP-PIP AC version and configuration along with a deployment of the new and improved HTTP Attribute Connector 5.0.0.

<?xml version="1.0" encoding="UTF-8"?>
<configuration xmlns="http://www.axiomatics.com/http.config" identifier="myUniqueId">
    <connection>
        <url>http://djob-hp:8280/mock/mock</url>
        <!-- <keystore file="keystore.jks" password="changeit" type="JKS"></keystore> -->
        <!-- <truststore file="truststore.jks" type="JKS" password="changeit"></truststore> -->
        <header>
            <name>foo</name>
            <value>bar</value>
        </header>
        <method>POST</method>
        <!-- Consider the following as 200 and return the payload in the relevant attribute -->
        <acceptedHttpCode>404</acceptedHttpCode>
        <!-- Make the following codes silent errors and return an empty value in the relevant attribute -->
        <ignoredHttpCode>405</ignoredHttpCode>
        <ignoredHttpCode>406</ignoredHttpCode>
    </connection>
    <mapping>
        <xacmlAttribute Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="pip.payload" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer=""/>
        <contentType>application/json</contentType>
        <template classpath="true" payload="false">/request.template.json</template>
        <key>
            <xacmlAttribute Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject" AttributeId="pip.username" DataType="http://www.w3.org/2001/XMLSchema#string" Issuer=""/>
        </key>
    </mapping>
</configuration>

The configuration starts with a root element called <configuration> that has the following attributes:

AttributeDescriptionMandatory
identifierMust contain a globally unique identifier such as a UUID. The identifier is used to generate unique identifiers for the mappings inside its configuration so that they can be used when configuring the cache strategy at runtime inside the PDPYes
detailedExceptionA boolean attribute that if true, full HTTP request and response will be added to Exception if an unexpected HTTP code is returned. Default is false.No

Every configuration also has the following sections:

Connection section

A <connection> section that contains all the information required to contact a remote service. For more information, click here.

Mapping section

A sequence of <mapping> elements that conform the mappings section. Each mapping element corresponds to the mapping of a XACML attribute being requested by the PDP to an underlying web service call. For more information, click here.