AJAX proxy authentication
The AJAX proxy is integrated with the Credential Vault of the portal. The Credential Vault stores user credentials, such as user IDs and passwords. The integration allows portlets to log in to applications outside of portal.
By using the Credential Vault, the proxy can retrieve the credentials of a user and then pass this information to a target host for authentication. The authentication method is basic authentication.
The proxy generates a HTTP Authorization request header to transport the user credentials to the target server.
To enable the proxy to retrieve the correct user credentials from the Credential Vault, append the following two parameters to proxy URLs as query parameters:
- hpaa.slotid
- This parameter is mandatory. It identifies the Credential Vault slot from which the user credentials are retrieved. The slot identifier is an opaque string. The portlet needs to store this slot identifier after the slot for storing the user credentials has been created.
- hpaa.piid
- Optional. It identifies the portlet instance.
Notes:
- The proxy does not create the Credential Vault slot. Typically a portlet that uses the proxy allows you to specify the required user credentials in its edit mode.
- You can disable the forwarding of user credentials by using the configuration property forward-credentials-from-vault.
For details refer to the topic about General configuration parameters.
Parent topic:
The programming model for using the AJAX proxy
Related reference
General configuration parameters