Use the PingFederate SDK to implement a custom solution for grant storage.
-
Implement the
AccessGrantManager
interface.Note: For more information, see the Javadoc for theAccessGrantManager
interface, the SampleAccessGrant.java file for a sample implementation, and the SDK Developer's Guide for build and deployment information.Tip:The Javadoc for PingFederate and the sample implementation are in the <pf_install>/pingfederate/sdk directory.
-
Edit the
<pf_install>/pingfederate/server/default/conf/service-points.conf
file.
-
Go to the
# Service for storage of access grants
section.# Service for storage of access grants # Supported classes: # org.sourceid.oauth20.token.AccessGrantManagerJdbcImpl : Use this service-point for a Jdbc implementation # org.sourceid.oauth20.token.AccessGrantManagerLDAPADImpl : Use this service-point for a Microsoft Active Directory implementation # org.sourceid.oauth20.token.AccessGrantManagerLDAPOracleImpl : Use this service-point for an Oracle Directory Server Enterprise Edition implementation # org.sourceid.oauth20.token.AccessGrantManagerLDAPPingDirectoryImpl : Use this service-point for a PingDirectory implementation # org.sourceid.oauth20.token.AccessGrantManagerDynamoDBImpl : Use this service-point for an Amazon DynamoDB implementation access.grant.manager=org.sourceid.oauth20.token.AccessGrantManagerJdbcImpl
-
Change the value of the
access.grant.manager
service to the name of your class.
Note:For a clustered PingFederate environment, you must edit the service-points.conf file on each node manually because cluster replication can't replicate this change to other nodes.
-
Go to the
- Deploy the required program files of your custom implementation to all PingFederate servers.
-
Start or restart PingFederate.
Note:
For a clustered PingFederate environment, replicate this new configuration to other engine nodes on System > Server > Cluster Management. Start or restart the PingFederate service on each engine node to activate the change.