Class SingleSignOnValve

  • All Implemented Interfaces:
    MBeanRegistration, org.apache.catalina.Contained, org.apache.catalina.JmxEnabled, org.apache.catalina.Lifecycle, org.apache.catalina.Valve

    public class SingleSignOnValve
    extends org.apache.catalina.valves.ValveBase

    Only use this Valve if you exclusively access Axon.ivy over the WebApplication Firewall. Otherwise this will be a security hole.

    This Valve is useful if Axon.ivy is protected by a WebApplication Firewall (WAF) with an integrated Identity and Access Management (IAM). Those systems will authenticate and authorize users. The identified user is then sent from the WAF to Axon.ivy using a HTTP request header.
     WebBrowser ==> WAF ==> Axon.ivy
                     ^          |
                     |          |
                     v          v        
                    IAM ==> Active Directory
    This is a public API.