January 24, 2022 at 4:23 pm #28781ray.deng83Participant
Hi Folks, A quick question here.
We are using 6.5.1 and we have a scenario where upstream application captures and sends user credentials to OpenAM authentication chain. By default, OpenAM should show a custom branded login page and use data store for user credentials validation. However, within this scenario, since the user credentials have been captured, we don’t want to show the OpenAM login page. Instead, OpenAM should directly validate the credentials. The authentication chain should proceed if credential validation is successful, or it returns with an error response to the upstream application if credential validation is failed.
1. How should the upstream app forward the user credentials to OpenAM chain?
2. How can I bypass the OpenAM login page?
Thanks and appreciate your input!January 25, 2022 at 12:29 am #28782Scott HegerParticipant
I would recommend using a Tree vs a Chain. With a tree you have the Zero Page Login Collector node that looks for username and password in headers in the request. If you are stuck with using a chain, take a look at the HTTP Basic authentication module. I haven’t used that one but it might do what you are looking for.
You must be logged in to reply to this topic.