How to decrypt Federation Open Format Cookie (Java)

Document ID : KB000047172
Last Modified Date : 14/02/2018
Show Technical Document Details

Summary:

In this guide we will discuss how to consume (decrypt) Federation OFC cookie generated by Policy server

 

Environment:

  • Policy Server : R12.52+,
  • OS : ANY

 

Pre-requisite:

Policy Server is already configured to generate OFC cookie for partnership federation 

 

Instructions:

 

1. Compile attached SampleFedOFCConsumer.java

2. Put the jars from the attached jars.zip in the classpath.

 

The primary decryption logic at the relying party is following:

 

  1. The Java Application creates an implementation class of the IFederationOpenIdentity interface 

    IFederationOpenIdentity fedOpenIdentity = new FederationOpenIdentityImpl(cookieZone,encryptionPassword.toCharArray(),cookieDomain, encryptionTransformation, false);
  2. The Java application can also call the processCookie() method to extract all the attributes from a cookie object and set them in the Storage Map.

    //Decrypt OFC cookie
    fedOpenIdentity.processCookie(myOFCCOokieVale);
  3. The Java application can get values for all the attributes that are put in the Storage Map using the getAttributes(), getAttribute(), getAuthnContext(), getSessionID(), getNameID(), getNameIDFormat(), and getUserConsent() methods. 

    //Read Attributes 
    Map map = fedOpenIdentity.getAttributes();

 

 

Attachment:

 

Testing:

 

 

Additional Information:

File Attachments:
TEC1539809.zip