How to write an external authentication application

The design, methodology, and code for the external authentication application is entirely the responsibility of the application developer. This developer reference document does not provide any instructions for the construction of this authentication operation.

However, the following conditions for the operation of external authentication interface should be considered when developing the custom application:

• The external authentication interface server is junctioned to WebSEAL.
• Identity information resulting from the custom authentication process is returned to WebSEAL in specially named HTTP response headers (as configured in the WebSEAL configuration file).
• Multi-step authentications are allowed.
• The external authentication application must be available to unauthenticated users.

• WebSEAL checks its user registry for credential information. Therefore, the external authentication application must either share the same registry with WebSEAL, or the external authentication application must return user information matching an entry in the WebSEAL user registry.

• External authentication interface - authentication flags
  

Parent topic: External authentication interface configuration