Bypass Login Page in Chain

salbertelli01 · January 24, 2022, 5:00am

Posted by ray.deng83

Hi Folks, A quick question here.

We are using 6.5.1 and we have a scenario where upstream application captures and sends user credentials to OpenAM authentication chain. By default, OpenAM should show a custom branded login page and use data store for user credentials validation. However, within this scenario, since the user credentials have been captured, we don’t want to show the OpenAM login page. Instead, OpenAM should directly validate the credentials. The authentication chain should proceed if credential validation is successful, or it returns with an error response to the upstream application if credential validation is failed.

Questions:

How should the upstream app forward the user credentials to OpenAM chain?
How can I bypass the OpenAM login page?

Thanks and appreciate your input!

scott.heger.thig · July 18, 2022, 8:17pm

25 Jan

I would recommend using a Tree vs a Chain. With a tree you have the Zero Page Login Collector node that looks for username and password in headers in the request. If you are stuck with using a chain, take a look at the HTTP Basic authentication module. I haven’t used that one but it might do what you are looking for.

salbertelli01 · July 18, 2022, 8:23pm

You may also find the following KB articles helpful.