Uploaded image for project: 'Application Server 3 4 5 and 6'
  1. Application Server 3 4 5 and 6
  2. JBAS-2283

Custom header based authentication

    XMLWordPrintable

Details

    Description

      We have been getting requests for custom authentication methods based around prorpietary headers/logic. The following attachments describe the oracle COREid product.

      B19006.pdf - high level overview of how the product works
      B19008v2.pdf - details of authentication protocol (p. 85 - 92)
      B19013.pdf - documentation about API

      Likely the most important part is assuming a user is who the HTTP_OBLIX_UID header says they are. The COREid server and the firewall should protect the server from unauthorized access.

      Attachments

        1. B19006.pdf
          793 kB
        2. B19008v2.pdf
          2.99 MB
        3. B19013.pdf
          4.54 MB

        Issue Links

          relates to

          Task - Represents a small unit of work that is not end-user facing. JBAS-2480 Prototype federated identity/sso

          • Major - To be worked after higher priority work items are addressed. When the severity is high and the effort to change it is low to moderate, this term is chosen. Issues in this category likely have an existing workaround but implementation or execution may be non-trivial.
          • Closed

          Activity

            People

              anil.saldhana Anil Saldanha (Inactive)
              starksm64 Scott Stark (Inactive)
              Votes:
              2 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

                Created:
                Updated:
                Resolved: