Class SingleSignOnValve
java.lang.Object
org.apache.catalina.util.LifecycleBase
org.apache.catalina.util.LifecycleMBeanBase
org.apache.catalina.valves.ValveBase
ch.ivyteam.ivy.webserver.security.SingleSignOnValve
- All Implemented Interfaces:
MBeanRegistration
,org.apache.catalina.Contained
,org.apache.catalina.JmxEnabled
,org.apache.catalina.Lifecycle
,org.apache.catalina.Valve
public class SingleSignOnValve
extends org.apache.catalina.valves.ValveBase
Only use this Valve if you exclusively access Axon Ivy over the WebApplication Firewall. Otherwise this will be a security hole.
This Valve is useful if Axon Ivy is protected by a WebApplication Firewall (WAF) with an integrated Identity and Access Management (IAM). Those systems will authenticate and authorize users. The identified user is then sent from the WAF to Axon Ivy using a HTTP request header.WebBrowser ==> WAF ==> Axon Ivy ^ | | | v v IAM ==> Active Directory
- Since:
- 6.6
- API:
- This is a public API.