Removal of client BA header information

Understand how basic authentication header information is removed from client requests and the conditions required for this implementation.

The -b filter option instructs WebSEAL to remove all basic authentication header information from any client requests before requests are forwarded to the back-end server. In this scenario, WebSEAL becomes the single security provider.

The following conditions exist for this solution:

Figure 1. Removing client BA header information
Removing client BA header information

If we need to supply the back-end server with some client information, we can combine this option with the -c option to insert Security Verify Access client identity information into HTTP header fields. See Client identity in HTTP headers (-c).

Parent topic: Single Sign-on Solutions