Removal of client BA header information
Understand how basic authentication header information is removed from client requests and the conditions required for this implementation.
The -b filter option instructs WebSEAL to remove all basic authentication header information from any client requests before requests are forwarded to the back-end server. In this scenario, WebSEAL becomes the single security provider.
The following conditions exist for this solution:
- Basic authentication is configured between the client and WebSEAL.
- The back-end server does not require basic authentication.
- The back-end server can be accessed only through WebSEAL.
- WebSEAL handles authentication on behalf of the back-end server.
If we need to supply the back-end server with some client information, we can combine this option with the -c option to insert Security Verify Access client identity information into HTTP header fields. See Client identity in HTTP headers (-c).
Parent topic: Single Sign-on Solutions