My webMethods Server 10.11 | My webMethods Server Webhelp | My webMethods Server Portlet Reference | My webMethods Server Security | Http Header Authentication Admin Portlet
 
Http Header Authentication Admin Portlet
Portlet Title
Http Header Authentication Admin
Portlet Name
wm_httpheaderauth
Portlet File Name
wm_httpheaderauth.pdp
Top-level Folder
admin
JSR168 Portlet?
No
Alias
portlet/wm_httpheaderauth
Default Instances of the portlet
Folders > Administrative Folders > Administration Dashboard > Configuration > Http Header Authentication Administration
Security. Administrators use this portlet to secure My webMethods Server authentication with an external security provider, for example, SiteMinder or Oblix.
To allow an external security provider to control My webMethods Server authentication, administrators use this portlet to deploy My webMethods Server into an Enterprise Security Infrastructure. As a result, the external security provider passes the user ID information that My webMethods Server is to use for authentication in the HTTP header. For more information, see information about external configuration credentials in Administering My webMethods Server.
Properties
User Header Name (userHeaderName)
Identifies the HTTP header field that you want My webMethods Server to examine to determine the identity of the current user making a request. Specify an HTTP header field. The external security system sets the value of this field in the HTTP header. By default, My webMethods Server uses the sm_user field to determine the current user.
Enable HTTP Header Authentication (enableHttpHeaderAuth)
Indicates whether you want My webMethods Server to actively look for the HTTP header field identified by the User Header Name (userHeaderName) property and automatically log in users. Specify one of the following:
*trueMy webMethods Server uses the User Header Name (userHeaderName) property to automatically log in users.
*false – Default. My webMethods Server does not automatically log in users.
Logout URL (logoutURL)
Defines the page to redirect a user to after the user logs off My webMethods Server. Specify the URL of the page. The ability to redirect a user to another URL is dependent on the external security infrastructure.
If the property has no value, although the user is able to log out of My webMethods Server, the security provider does not recognize the attempt to log off. As a result, the next request following the log off attempt passes through the security provider and My webMethods Server automatically logs the user in again.