Construct OGNL expressions
Use OGNL expressions and syntax to evaluate and manipulate attribute values and return information based on the results.
OGNL is based on the Java programming language. You can transform a range of values into a text description or do the same for a sequence of ranges.
Use the #
symbol to reference OGNL variables. For an identity provider (IdP), PingFederate provides predefined OGNL variables for IdP-adapter attributes, any attributes retrieved from datastores, and attributes for token authorization. For a service provider (SP), variables are available for attributes received in an assertion, an attribute query, and attributes for token authorization. For example, you can retrieve the SAML_SUBJECT
value with #SAML_SUBJECT
.
Use the following construction for any attributes from any source that contain special characters that cannot be parsed by OGNL: |
Because OGNL uses the “at” symbol ( |
Data store syntax
For datastore attributes with an attribute source ID, use the #this.get("ds.attr-source-id.attribute_name")
syntax.
For datastore attributes without an attribute source ID, use the #this.get("ds.attribute_name")
syntax.
Other variable syntax
To access mapped attributes, use the #this.get("mapped.attribute_name")
syntax.
To access most context attributes, use the #this.get("context.attribute_name")
syntax.
To access the HTTP Request context attribute, use the #this.get("context.HttpRequest").getObjectValue()
syntax.
The returned value is an instance of |