Authorization decision information from HTTP requests
WebSEAL can pass configured elements from the HTTP request to the authorization framework for use when it is making authorization decisions.
The following HTTP request elements can be passed to the authorization framework:
- The HTTP method of the request
- The HTTP scheme of the request
- The request URI
- The client IP address
- Specific HTTP headers contained in the request
- Specific POST data elements contained in the request. WebSEAL supports two types of POST data:
- Normal FORM data, which is the application/x-www-form-urlencoded content-type.
- JavaScript Object Notation (JSON) data, which is the application/json content-type. For information about the JSON syntax, see http://www.json.org.
The [azn-decision-info] stanza in the WebSEAL configuration file specifies the extra information passed to the authorization framework.
For information about how to configure WebSEAL to pass extra information to the authorization framework, see the web reverse proxy Stanza Reference topics.
Parent topic: WebSEAL-specific ACL policies