Forum Discussion
Steve_W_85246
Nimbostratus
NimbostratusClient Initiated SSO configuration in iRule
I have a situation where an in house application uses both Basic Authentication (Weblogic system prompt) as well as HTML form based login pages.
I wanted to try out the Client Initiated Forms ...
Steve_W_85246Nimbostratus
Nimbostratus
1. Is the HTML form INSIDE the WL system? In others words, is it in the same session, same IP, same VIP?
Yes, the HTML login form is part of the application code running on WL
2. Do you have to keep re-authenticating (via Basic) to the WL system throughout the session, or are further requests handled by a session token? Does the WL system expect the Authorization header in every request?
I believe WL creates a session token that keeps the authentication session alive.
3. Can you potentially, by virtue of the first authentication, skip the second one (or do something else like HTTP headers)?
I tried setting the Basic-Auth header in the iRule, while the client-initiated forms handled the HTML login form, but it didnt seem to work
4. Is there a specific need for the client-initiated forms SSO over the more static forms SSO?
I tried using the static SSO forms initially but I couldnt get them to do the form filll of the actual HTML login form of the application code. Thats when I started looking at the client-initiated forms.
Thanks again for your help.
Steve
