3. Enabling placement of server name into junction header
We can configure WebSEAL to add the server name in the junction header.
Use the [header-names] <header-data> stanza entry to configure WebSEAL to add a header with the URI-encoded authorization API administration server name to requests for junctioned applications. If we do not configure this entry, WebSEAL does not add any headers to the request.
The <header-data> entry has the following format:
[header-names] <header-data> = <header-name>where:
- <header-data>
- The type of data that WebSEAL adds to the <header-name> header of the request. Use the value server-name to add the ISAM authorization server name for the WebSEAL server.
- <header-name>
- The name of the header that holds the data.
The following value is set in the default WebSEAL configuration file.
[header-names] server-name = iv_server_name
This setting adds a header called iv_server_name to pass the name of the server to junctioned applications. For this example, if the WebSEAL instance is default-webseald-diamond.subnet1.ibm.com, WebSEAL passes the following header to the junction:
iv_server_name:default-webseald-diamond.subnet1.ibm.com
Typically, the default value iv_server_name is used. However, we can replace it with any valid string. Valid strings are limited to the following characters: A-Z, a-z, 0-9, hyphen ( - ), or underscore ( _ ).
- Ensure the <header-data> stanza entry is set with a <header-data> value of server-name in the configuration file for the WebSEAL instance. For example:
[header-names] server-name = iv_server_name
- Restart the WebSEAL server.
Parent topic: Configure credential refresh