SubjectsExternal

External Subject Representation allows to configure the contents of the external representation of authenticated subjects in a variety of formats, including:

  • SAML assertions (passed embedded into SAML or WS-* protocols or passed on the basis of custom conventions; for example, HTTP request headers, attributes or content).

  • Request injection:

    • JAAS subjects (passed between Java EE PEPs and their hosting containers, resulting in an information supply to downstream applications).

    • OAuth tokens (passed embedded into OAuth protocol).

    • Custom HTTP request and response headers, attributes or content.

    • Custom audit event properties.

  • The following sections describe how to use DirX Access Manager to configure the external representation of authenticated subjects in these formats.