1 Reply Latest reply on Nov 15, 2007 7:03 PM by Viet

    Injecting user/role using http headers

    Ganesh Math Newbie

      Is it possible to inject the user and role information from an external authentication engine through HTTP headers? I want to somehow configure the portal to blindly use the user/role that are being passed as HTTP headers in the first request.

      From what I have been reading so far, I believe it's possible to write a custom login module and override validatePassword method to not verify the password in portal's data source. But I am not sure how I can make the portal blindly use the user/role strings in the HTTP header of the incoming request?