PingFederate Server

Using custom solutions for grant storage

Use the PingFederate SDK to implement a custom solution for grant storage.

Steps

  1. Implement the AccessGrantManager interface.

    For more information, see the Javadoc for the AccessGrantManager interface, the SampleAccessGrant.java file for a sample implementation, and the SDK Developer’s Guide for build and deployment information.

    The Javadoc for PingFederate and the sample implementation are in the <pf_install>/pingfederate/sdk directory.

  2. Edit the <pf_install>/pingfederate/server/default/conf/service-points.conf file.

    1. Locate the AccessGrantManager service point.

      <!-- Service for storage of access grants -->
      <service-point id="AccessGrantManager" interface="com.pingidentity.sdk.accessgrant.AccessGrantManager">
           <create-instance class="org.sourceid.oauth20.token.AccessGrantManagerJdbcImpl"/>
      </service-point>
    2. Update the class attribute value to the name of your class.

    3. Save the file.

    For a clustered PingFederate environment, you must edit the hivemodule.xml file on each node manually as cluster replication can’t replicate this change to other nodes.

  3. Deploy the required program files of your custom implementation to all PingFederate servers.

  4. Start or restart PingFederate.

For a clustered PingFederate environment, replicate this new configuration to other engine nodes on System > Server > Cluster Management. Start or restart the PingFederate service on each engine node to activate the change.