Policy Server :: Active Response : Basic Access Authentication

Article ID: 48887

Updated On:

Products

CA Single Sign On Secure Proxy Server (SiteMinder)
CA Single Sign On SOA Security Manager (SiteMinder)
CA Single Sign-On

Issue/Introduction

Description:

I would like to know if there is a built-in active response in SiteMinder to set in the browser a user name and password encoded in the header, for example:

Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==

(http://en.wikipedia.org/wiki/Basic_access_authentication)

Solution:

By design, SiteMinder has no built-in active response for this purpose. The main reason is that the browser, not the server, sets that header, because it is the browser that gathers the credentials:

     "Server response:
 
     HTTP/1.1 401 Authorization Required
     Server: HTTPd/1.0
     Date: Sat, 27 Nov 2004 10:18:15 GMT
     WWW-Authenticate: Basic realm="Secure Area"
     Content-Type: text/html
     Content-Length: 311
 
     [...]
 
     Client request "Aladdin:open sesame" (user name "Aladdin",
     password "open sesame"):
 
     GET /private/index.html HTTP/1.1
     Host: localhost
     Authorization: Basic QWxhZGRpbjpvcGVuIHNlc2FtZQ==
 
     [...]
 
     Server response:
 
     HTTP/1.1 200 OK
     Server: HTTPd/1.0
     Date: Sat, 27 Nov 2004 10:19:07 GMT
     Content-Type: text/html
     Content-Length: 10476"

For this purpose, you might need to write custom code to capture the user name and password (probably somewhere in the authentication phase).

Further, even for a custom non-browser client, the documentation states the same:

"Enable Non-browser Client Support

You can configure HTML Form schemes that collect Basic (username and password) credentials to authenticate users using nonbrowser HTTP clients. These clients can be developed using Perl scripts, C++, and Java programs that communicate using HTTP protocol.

Custom clients must send the basic credentials with the initial request through an HTTP Authorization header or SiteMinder does not authenticate the users. If the credentials are not sent through an HTTP Authorization header, SiteMinder redirects to the HTML Form scheme without nonbrowser client support."

(https://support.ca.com/cadocs/0/CA%20SiteMinder%20r12%20SP3-ENU/Bookshelf_Files/PDF/siteminder_ps_config_enu.pdf)

Environment

Release:
Component: SMPLC

Attachments

1558534982469TEC588969.zip