Class SingleSignOnValve
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.valves.ValveBase
-
- ch.ivyteam.ivy.webserver.security.SingleSignOnValve
-
- All Implemented Interfaces:
MBeanRegistration
,org.apache.catalina.Contained
,org.apache.catalina.JmxEnabled
,org.apache.catalina.Lifecycle
,org.apache.catalina.Valve
public class SingleSignOnValve extends org.apache.catalina.valves.ValveBase
Only use this Valve if you exclusively access Axon.ivy over the WebApplication Firewall. Otherwise this will be a security hole.
This Valve is useful if Axon.ivy is protected by a WebApplication Firewall (WAF) with an integrated Identity and Access Management (IAM). Those systems will authenticate and authorize users. The identified user is then sent from the WAF to Axon.ivy using a HTTP request header.WebBrowser ==> WAF ==> Axon.ivy ^ | | | v v IAM ==> Active Directory
- Since:
- 6.6
- API:
- This is a public API.