Welcome Serena Central users! CLICK HERE
The migration of the Serena Central community is currently underway. Be sure to read THIS MESSAGE to get your new login set up to access your account.
skoithodan1 Absent Member.
Absent Member.
208 views

sso login keep the requested method after authentication


Hi,

In our AG we have a protected resource which allow only POST requests.
It reject if the request is of GET. And from an external source we use
SSO login with target parameter to login to this resource as below url.
http://tinyurl.com/o4ur9c4

The external source send this request as POST, but after authentication
the target resource is accessed as GET which get rejected.
Is there a way we can keep the requested method and submit to target
resource with the same method after authentication?
Or Is there a way we can rewrite the request in AG to force POST
submission for a resource?
We use Access Manager 4.0.1.

Thanks
Koithodan


--
skoithodan
------------------------------------------------------------------------
skoithodan's Profile: https://forums.netiq.com/member.php?userid=228
View this thread: https://forums.netiq.com/showthread.php?t=53400

0 Likes
6 Replies
Anonymous_User Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication

skoithodan wrote:

>
> Hi,
>
> In our AG we have a protected resource which allow only POST requests.
> It reject if the request is of GET. And from an external source we use
> SSO login with target parameter to login to this resource as below
> url. http://tinyurl.com/o4ur9c4
>
> The external source send this request as POST, but after
> authentication the target resource is accessed as GET which get
> rejected. Is there a way we can keep the requested method and submit
> to target resource with the same method after authentication?
> Or Is there a way we can rewrite the request in AG to force POST
> submission for a resource?
> We use Access Manager 4.0.1.


Are you trying to protect a webservice or something?

--
Cheers,
Edward
0 Likes
skoithodan1 Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication


No, It is a servlet. That is protected by AG and accessed directly from
an external application using sso.
thanks
Koithidan


--
skoithodan
------------------------------------------------------------------------
skoithodan's Profile: https://forums.netiq.com/member.php?userid=228
View this thread: https://forums.netiq.com/showthread.php?t=53400

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication

skoithodan wrote:

>
> No, It is a servlet. That is protected by AG and accessed directly
> from an external application using sso.
> thanks
> Koithidan


I reckon the only way you can 'fix' this is by using a non-redirected
login but from memory that'll limit you to basic authentication only.
See if a non-redirected login fixes this first I'd say.


--
Cheers,
Edward
0 Likes
skoithodan1 Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication


Thanks Edward!
I will test this and update you whether it works for our requirements.

thanks
Koithodan


--
skoithodan
------------------------------------------------------------------------
skoithodan's Profile: https://forums.netiq.com/member.php?userid=228
View this thread: https://forums.netiq.com/showthread.php?t=53400

0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication

On 4/29/2015 9:04 AM, skoithodan wrote:
>
> Thanks Edward!
> I will test this and update you whether it works for our requirements.
>
> thanks
> Koithodan
>
>

Just for reference this is documented here:
https://www.netiq.com/documentation/netiqaccessmanager4/accessgatewayhelp/data/prlist.html#contractextensions

Edward has a stellar memory 🙂

--
-----------------------------------------------------------------------
Will Schneider
Knowledge Partner http://forums.netiq.com

If you find this post helpful, please click on the star below.
0 Likes
Anonymous_User Absent Member.
Absent Member.

Re: sso login keep the requested method after authentication

Will Schneider wrote:

> On 4/29/2015 9:04 AM, skoithodan wrote:
> >
> > Thanks Edward!
> > I will test this and update you whether it works for our
> > requirements.
> >
> > thanks
> > Koithodan
> >
> >

> Just for reference this is documented here:
> https://www.netiq.com/documentation/netiqaccessmanager4/accessgatewayh
> elp/data/prlist.html#contractextensions
>
> Edward has a stellar memory 🙂


Not really, we've just been bitten by similar issues 🙂 I learn through
pain

--
Cheers,
Edward
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.