apache web agent special authentications


This topic has 1 reply, 2 voices, and was last updated 5 years, 10 months ago by Peter Major.

  • Author
  • #14468

    I have few special scenarios I wonder if anyone solved.
    1. I have some service-to-service flows through apache (as reverse proxy). in these cases the openAM session cookie will NOT be present BUT other service-to-service tokens will be present. I want the web agent to let my other apache authentication modules verify these tokens. How can it be done? (exclusion list will not help since same URL can be accessed from user or service).

    2. Right after openAM cookie is verified, I want to have some internal logic (call some REST API to get some information based on username, and add this info as a header before the request continues into the application).
    can it be done with the current webagent (let’s assume I can code another module but don’t want to touch the webAgent module)?

     Peter Major

    2) you could probably write a custom policy response provider for this.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2022 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?