Class SingleSignOnValve
- java.lang.Object
-
- org.apache.catalina.util.LifecycleBase
-
- org.apache.catalina.util.LifecycleMBeanBase
-
- org.apache.catalina.valves.ValveBase
-
- ch.ivyteam.ivy.webserver.security.SingleSignOnValve
-
- All Implemented Interfaces:
MBeanRegistration
,org.apache.catalina.Contained
,org.apache.catalina.JmxEnabled
,org.apache.catalina.Lifecycle
,org.apache.catalina.Valve
public class SingleSignOnValve extends org.apache.catalina.valves.ValveBase
Only use this Valve if you exclusively access Axon Ivy over the WebApplication Firewall. Otherwise this will be a security hole.
This Valve is useful if Axon Ivy is protected by a WebApplication Firewall (WAF) with an integrated Identity and Access Management (IAM). Those systems will authenticate and authorize users. The identified user is then sent from the WAF to Axon Ivy using a HTTP request header.WebBrowser ==> WAF ==> Axon Ivy ^ | | | v v IAM ==> Active Directory
- Since:
- 6.6
- API:
- This is a public API.