Authentication Request

Summary :

Gatekeeper authentication starts after the browser has received a valid authentication request. The authentication request is a standard (x)html web page that contains the information necessary for the authentication to take place.

Authentication request data :

X-GateKeeper-Authentication HTTP response header :

This header, if detected, is the one that triggers the Gatekeeper extension.
Its value is : "path/to/token/validation/url"

If the end user authenticates successfully with the authentication portal (AP), the AP securely delivers an authentication token to the end user; that token is then presented to the web application at the URL path contained in the X-GateKeeper-Authentication header.

That path always belongs to the domain of the URL from which the authentication request was emitted.

The list of trusted authentication portals :

That list is embedded into the (x)html content; the web page can have a default style sheet that hides this list.

<ul id="gatekeeper.trusted-aps">
 <li>http://gkauth.domain1.com</li>
 <li>http://gkauth.domain2.com</li>
 <li>https://current.site.com</li> <!-- in-domain authentication supported -->
</ul>
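
The two parts of the authentication request described above (the header path and the trusted AP list) can be checked together before the extension acts on them. The following is an added example, not Gatekeeper's own code: the function name, the returned fields and the sample request URL are hypothetical. It assumes "belongs to the domain" is enforced as a same-origin check, which is stricter than a host comparison.

```javascript
// Added example, not Gatekeeper's own code. All names here are hypothetical.
function parseAuthRequest(requestUrl, headerValue, html) {
  const request = new URL(requestUrl);

  // The header value is a path: resolve it against the page that sent it.
  // Absolute or protocol-relative values resolve to another origin and are refused.
  const validationUrl = new URL(headerValue, request);
  if (validationUrl.origin !== request.origin) {
    throw new Error("validation URL is outside the requesting site: " + validationUrl.origin);
  }

  // Simplification for an offline run: a regex stands in for the DOM lookup
  // document.getElementById("gatekeeper.trusted-aps") an extension would use.
  const list = /<ul\s+id="gatekeeper\.trusted-aps"\s*>([\s\S]*?)<\/ul>/i.exec(html);
  if (!list) throw new Error("no trusted AP list in the authentication request");

  const trustedAps = [];
  for (const item of list[1].matchAll(/<li>\s*([^<\s]+)\s*<\/li>/gi)) {
    let ap;
    try { ap = new URL(item[1]); } catch { continue; } // entry is not a URL: skip it
    if (ap.protocol !== "http:" && ap.protocol !== "https:") continue;
    trustedAps.push({
      origin: ap.origin,
      tls: ap.protocol === "https:",          // lets the caller treat plain-http APs differently
      inDomain: ap.origin === request.origin, // the site acts as its own AP
    });
  }
  if (trustedAps.length === 0) throw new Error("trusted AP list is empty");
  return { validationUrl: validationUrl.href, trustedAps };
}

// Constructed sample input, modelled on the list shown above.
const SAMPLE_HTML = `
<ul id="gatekeeper.trusted-aps">
 <li>http://gkauth.domain1.com</li>
 <li>http://gkauth.domain2.com</li>
 <li>https://current.site.com</li> <!-- in-domain authentication supported -->
</ul>`;

const parsed = parseAuthRequest(
  "https://current.site.com/login", "path/to/token/validation/url", SAMPLE_HTML);
console.log(parsed);
```

Because the header value is resolved with the URL parser rather than concatenated, a value that is not a plain path fails the origin comparison instead of silently redirecting where the token is sent.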