PingAccess provides the Groovy script and OAuthOAuth
A standard framework that enables an application (OAuth client) to obtain access tokens from an
OAuth authorization server for the purpose of retrieving protected resources on a
resource server. Groovy script rule types, which enable the use of Groovy, a dynamic
programming language for the Java Virtual Machine (JVM)Java Virtual Machine (JVM)JVM
A virtual machine that allows a computer to run Java programs and programs that are compiled to
Java bytecode..
Groovy scripts provide advanced rule logic that extends PingAccess rule development beyond the capabilities of
the packaged rules. For more information, see the Groovy documentation.
Groovy scripts have access to important PingAccess
runtime objects, such as the Exchange and PolicyContext objects, which the scripts can
interrogate and modify.
Groovy functions treat strings literally, and matchers perform case-sensitive string
evaluation unless otherwise specified. For example, in the following line of code,
the caseSensitive parameter determines whether the Groovy
function performs case-sensitive comparison on the value.
Groovy script rules are invoked during the request processing phase of an exchange,
allowing the script to modify the request before it is sent to the server. Groovy
script rules are also invoked during the response, allowing the script to modify the
response before it is returned to the client.
Note:
You can’t access a mediated token through a Groovy rule because token mediation
occurs after PingAccess
rule processing.
The following diagram highlights the flow of rule processing.
During request processing, rules associated with the application are
evaluated.
The request passes through each of the rules before PingAccess allows it to proceed.
The response passes through the rules in a manner based on your deployment:
In a proxy deployment, the response from the site passes through each of
the rules.
In an agent deployment, the response to the agent indicating the policy
approval or denial passes through each of the rules.