apache web agent special authentications

Tagged: 

This topic has 1 reply, 2 voices, and was last updated 4 years, 10 months ago by Peter Major.

  • Author
    Posts
  • #14468
     yshie
    Participant

    hi
    I have few special scenarios I wonder if anyone solved.
    1. I have some service-to-service flows through apache (as reverse proxy). in these cases the openAM session cookie will NOT be present BUT other service-to-service tokens will be present. I want the web agent to let my other apache authentication modules verify these tokens. How can it be done? (exclusion list will not help since same URL can be accessed from user or service).

    2. Right after openAM cookie is verified, I want to have some internal logic (call some REST API to get some information based on username, and add this info as a header before the request continues into the application).
    can it be done with the current webagent (let’s assume I can code another module but don’t want to touch the webAgent module)?

    #14538
     Peter Major
    Moderator

    2) you could probably write a custom policy response provider for this.

Viewing 2 posts - 1 through 2 (of 2 total)

You must be logged in to reply to this topic.

©2021 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?