- Preface
- Required Configuration
- Handlers
- Filters
- AllowOnlyFilter
- AssignmentFilter
- CapturedUserPasswordFilter
- CertificateThumbprintFilter
- ClientCredentialsOAuth2ClientFilter
- ConditionalFilter
- ConditionEnforcementFilter
- ChainOfFilters
- CookieFilter
- CorsFilter
- CrossDomainSingleSignOnFilter
- CryptoHeaderFilter
- CsrfFilter
- DateHeaderFilter
- EntityExtractFilter
- FapiInteractionIdFilter
- FileAttributesFilter
- ForwardedRequestFilter
- HeaderFilter
- HttpBasicAuthenticationClientFilter
- HttpBasicAuthFilter
- IdTokenValidationFilter
- JwtBuilderFilter
- JwtValidationFilter
- LocationHeaderFilter
- OAuth2ClientFilter
- OAuth2ResourceServerFilter
- PasswordReplayFilter
- PolicyEnforcementFilter
- ScriptableFilter
- SessionInfoFilter
- SetCookieUpdateFilter
- SingleSignOnFilter
- SqlAttributesFilter
- StaticRequestFilter
- SwitchFilter
- ThrottlingFilter
- TokenTransformationFilter
- UmaFilter
- UriPathRewriteFilter
- UserProfileFilter
- Decorators
- Audit Framework
- Monitoring
- Throttling Policies
- Miscellaneous Configuration Objects
- Property Value Substitution
- Expressions
- Expressions
- Functions
- array
- boolean
- contains
- decodeBase64
- decodeBase64url
- digestSha256
- encodeBase64
- encodeBase64url
- fileToUrl
- formDecodeParameterNameOrValue
- formEncodeParameterNameOrValue
- indexOf
- integer
- integerWithRadix
- ipMatch
- join
- keyMatch
- length
- matchingGroups
- matches
- pathToUrl
- pemCertificate
- read
- readProperties
- readWithCharset
- split
- toJson
- toLowerCase
- toString
- toUpperCase
- trim
- urlDecode
- urlEncode
- urlDecodeFragment
- urlDecodePathElement
- urlDecodeQueryParameterNameOrValue
- urlDecodeUserInfo
- urlEncodeFragment
- urlEncodePathElement
- urlEncodeQueryParameterNameOrValue
- urlEncodeUserInfo
- More Information
- Patterns
- Scripts
- Properties
- Requests, Responses, and Contexts
- AttributesContext
- CapturedUserPasswordContext
- ClientContext
- Contexts
- CdSsoContext
- CdSsoFailureContext
- JwtBuilderContext
- JwtValidationContext
- JwtValidationErrorContext
- OAuth2Context
- PolicyDecisionContext
- Request
- Response
- SessionContext
- SessionInfoContext
- SsoTokenContext
- Status
- StsContext
- TransactionIdContext
- URI
- UriRouterContext
- UserProfileContext
- Access Token Resolvers
- Secret Stores
- Supported Standards
Requests, Responses, and Contexts
Contexts provide contextual information about the handled request, such as information about the client making the request, the session, the authentication or authorization identity of the principal, and any other state information associated with the request. Contexts provide a means to access state information throughout the duration of the HTTP session between the client and protected application, including when this involves interaction with additional services.
Each filter can add to the contextual information by enriching the existing context (for example, by storing objects in sessions or attributes), or by providing a new context tailored for a specific purpose.
Unlike session information, which spans multiple request/response exchanges, contexts last only for the duration of the request/response exchange, and are then lost.
IG provides the following requests, responses, and contexts: