Scripting environment
AM supports scripts written in JavaScript.
How to determine the JavaScript engine version
You can use a script to check the version of the JavaScript engine AM is using. You could temporarily add the following script to a Scripted Decision node, for example, to output the engine version to the debug log:
var rhino = JavaImporter(
org.mozilla.javascript.Context
)
var currentContext = rhino.Context.getCurrentContext()
var rhinoVersion = currentContext.getImplementationVersion()
logger.error("JS Script Engine: " + rhinoVersion)
outcome = "true"
Ensure the following are listed in the Java class whitelist property of the scripting engine.
To view the Java class whitelist, go to Configure > Global Services > Scripting > Secondary Configurations. Select the script type, and on the Secondary Configurations tab, click engneConfiguration. |
AM uses the Mozilla Rhino JavaScript engine.
To access the functionality AM provides, import the required Java class or package, as follows:
var fr = JavaImporter(
org.forgerock.openam.auth.node.api,
javax.security.auth.callback.NameCallback
);
with (fr) {
...
}
You can use scripts to modify default AM behavior in the following situations, also known as contexts:
- Client-side authentication
-
Scripts that are executed on the client during authentication.
- Authentication trees
-
Scripts are included in an authentication node within a tree and are executed on the server during authentication.
AM implements a configurable scripting engine for each of the context types that are executed on the server.
The scripting engines in AM have two main components: security settings, and the thread pool.
