AJAX proxy authentication

The AJAX proxy is integrated with the Credential Vault of the portal. The Credential Vault stores user credentials, such as user IDs and passwords. The integration allows portlets to log in to applications outside of portal.

By using the Credential Vault, the proxy can retrieve the credentials of a user and then pass this information to a target host for authentication. The authentication method is basic authentication. The proxy generates a HTTP Authorization request header to transport the user credentials to the target server.

To enable the proxy to retrieve the correct user credentials from the Credential Vault, append the following two parameters to proxy URLs as query parameters:
hpaa.slotid
This parameter is mandatory. It identifies the Credential Vault slot from which the user credentials are retrieved. The slot identifier is an opaque string. The portlet needs to store this slot identifier after the slot for storing the user credentials has been created.
hpaa.piid
This parameter is optional. It identifies the portlet instance.
Notes:
  • If you want to limit the access of the AJAX proxy to only a subset of the available slots in the Credential Vault, you can use a regular expression that contains the allowed slot IDs. To do this, define the custom property proxy.cv.slot.regex in the WP Config Service resource environment provider, and specify your regular expression as the value. Note that this applies only if credential forwarding is enabled, which is the default. For details about how to set WP Configuration Service parameters refer to the topic about Setting service configuration properties. For details about how to set credential vault entries refer to the topic about Portlet authentication.
  • The proxy does not create the Credential Vault slot. Typically a portlet that uses the proxy allows you to specify the required user credentials in its edit mode.
  • You can disable the forwarding of user credentials by using the configuration property forward-credentials-from-vault. For details refer to the topic about General configuration parameters.