How to have Post Data Preservation in IG/AM environment?

This topic has 0 replies, 1 voice, and was last updated 10 months, 2 weeks ago by zen.leow.

  • Author
    Posts
  • #26578
     zen.leow
    Participant

    Hi community,

    I have a somewhat noob question. Not sure if this falls under AM or IG so I post in both forums.

    I have IG fronting an application. IG route contains SSOFilter so attempt to access the application through IG will prompt for authentication and only authenticated sessions gets to reach the application. This is well and good for typical web browsing.

    But I have a use case where users can submit form data from another unprotected site to my application. What’s happening now is when the form data is posted to my application, IG intercepts and force user to authenticate via AM. I was expecting after successful login, the original post request will get forwarded to my backend application while maintaining method and post data. But what I’m seeing now is after authentication, IG forward the request using GET and the original post data is gone. As that form processing rejects any method other than POST, I get a 405 error thrown.

    If I redo the form submission again from the other app using the same browser, it is successfully processed as there is no need to route to an authentication chain.

    How can I configure IG to maintain the post data before/during/after authentication?

    I have already enabled Post Data Preservation in the Java agent settings in AM that IG uses to connect to the AMService. May I know what else is missing?

    I’m guessing the AM form with the goto parameter is simply redirecting to the originally requested URL, and such redirecting is always a GET. How then can I satisfy this seemingly simple use case?

    Any advise is appreciated. Thank you.

    regards,
    Zen

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.

©2020 ForgeRock - we provide an identity and access platform to secure every online relationship for the enterprise market, educational sector and even entire countries. Click to view our privacy policy and terms of use.

Log in with your credentials

Forgot your details?