ISAM for Web – WebSEAL – Stream EAI authentication response to browser

By default, when External Authentication Interface (EAI) authentication has been configured, and the authentication header is returned to WebSEAL by the backend application server, WebSEAL authenticates the user, and then generates a 302 redirect to either the cached request or the login redirect url.

default

If you want the page returned to the browser but the authentication to continue, this is possible and simple, there is a HTTP header to return from the EAI. A Streamed EAI response looks like the following:

stream

# The name of the header which is used to 'flag' the authentication
# response with extra processing information.  The supported flags
# (.i.e. header values) include:
#    - stream: Used to indicate that the authentication response should
# be streamed back to the client.
eai-flags-header = am-eai-flags

The EAI header returned from the application server would look like this:

am-eai-user-id: someusername
am-eai-flags: stream

This is particularly useful if you want to keep the HTTP POST response from the login page, or maintain the application session state via URLs.

More on the External Authentication Interface in ISAM for Web here.

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

WordPress.com.

Up ↑

%d bloggers like this: