The parameter HTTP Basic Authentication governs whether
client authentication will be mandated for HTTP clients accessing
this connector over the network. You can implement this process by
the provided methods.
There are two different ways to implement HTTP Basic Authentication
with the HTTP Server Connector:
- Using an Authentication Connector
This is a mechanism
for compatibility with the old HTTP EventHandler (which is no longer
present in the current version of
IBM® Security Directory Integrator). A connector parameter
Auth
Connector specifies an
IBM Security Directory Integrator Connector
that will be used in Lookup Mode, with the username and password for
the HTTP Basic Authentication data specified as the Link Criteria:
- If the lookup returns an Entry, the authentication is considered
successful and the HTTP Server Connector proceeds with processing
the client's request.
- If the lookup cannot find an Entry, the client is not authenticated
and the request will not be processed.
- Script authentication
This mechanism requires a certain
amount of coding, but provides more power and lets you implement authentication
through your own scripting. It can only be used when the Auth Connector parameter
is NULL or empty.
The Connector will make available to you
the username and password values in the "After GetNext" Hook through
the
getUserName() and
getPassword() public
Connector methods. It is now your responsibility to implement the
authentication mechanism. The authentication code must be placed
in the "After GetNext" Hook. You should call the Connector's
rejectClientAuthentication() method
from the AssemblyLine hook if authentication is not successful. Consider
the following example authentication script code:
var httpServerConn = thisConnector.connector;
var username = httpServerConn.getUserName();
var password = httpServerConn.getPassword();
//perform verification here
successful = true;
if (!successful) {
httpServerConn.rejectClientAuthentication();
}