AJAX proxy authentication
The AJAX proxy is integrated with the Credential Vault of the portal. The Credential Vault stores user credentials, such as user IDs and passwords. The integration allows portlets to log in to applications outside of portal.By using the Credential Vault, the proxy can retrieve the credentials of a user and then pass this information to a target host for authentication. The authentication method is basic authentication. The proxy generates a HTTP Authorization request header to transport the user credentials to the target server.
To enable the proxy to retrieve the correct user credentials from the Credential Vault, append the following two parameters to proxy URLs as query parameters:
- hpaa.slotid
- This parameter is mandatary. It identifies the Credential Vault slot from which the user credentials are retrieved. The slot identifier is an opaque string. The portlet needs to store this slot identifier after the slot for storing the user credentials has been created.
- hpaa.piid
- Optional. It identifies the portlet instance.
- To limit the access of the AJAX proxy to only a subset of the available slots in the Credential Vault, we can use a regular expression containing the allowed slot IDs. To do this, define the custom property proxy.cv.slot.regex in the WP Config Service resource environment provider, and specify your regular expression as the value. Note that this applies only if credential forwarding is enabled, which is the default. For details about how to set WP Configuration Service parameters refer to the topic about Setting service configuration properties. For details about how to set credential vault entries refer to the topic about Portlet authentication.
- The proxy does not create the Credential Vault slot. Typically a portlet that uses the proxy allows us to specify the required user credentials in its edit mode.
- We can disable the forwarding of user credentials using the configuration property forward-credentials-from-vault. For details refer to the topic about General configuration parameters.
Parent: The programming model for using the AJAX proxy
Related:
Set service configuration properties
Related reference:
General configuration parameters
Related:
Portlet authentication