PAC Headers | ||||
---|---|---|---|---|
Description | Stanza Entry |
Default |
Required | Notes |
PAC |
|
am-eai-pac | yes | Authentication data in PAC format. Direct conversion to credential. This header takes precedence over the user identity header. Place this header before others in the response headers. |
PAC Service ID |
|
am-eai-pac-svc | no | The service ID that should be used to convert the PAC into a credential. If no service ID is specified the default PAC service will be used. |
User Identity Headers | ||||
---|---|---|---|---|
Description | Stanza Entry |
Default |
Required | Notes |
User Identity |
|
am-eai-user-id | yes | The ID of the user to generate the credential for. This header should precede all others in the HTTP response. |
Authentication Level |
|
am-eai-auth-level | no | The authentication strength level for the generated credential. If no value is specified, a default value of 1 is used. |
Extended Attribute List |
|
am-eai-xattrs | no | A comma delimited list of HTTP header names that should be added to the credential as extended attributes. If attributes of the same name are specified by a custom authentication module build with the external authentication C API, the attributes from the custom module take precedence over the HTTP header attributes. |
Session Identifier Headers | ||||
---|---|---|---|---|
Description | Stanza Entry |
Default |
Required | Notes |
Session Identifier |
|
am-eai-session-id | yes | The identify of the distributed session managed by the Session Management Server. |
Common Headers | ||||
---|---|---|---|---|
Description | Stanza Entry |
Default |
Required | Notes |
Redirect URL |
|
am-eai-redir-url | no | Only used if WebSEAL does not have a cached request or when automatic redirection is not enabled. Specifies the URI that the client is redirected to upon successful authentication. If no URI is specified, the "login-success" page is returned. |
Flags header |
|
am-eai-flags | no | The only supported flag is stream. Example:
|