HTML Form-based Authentication

• Overview
• Configuration

Overview

HTML Form-based Authentication enables users to supply their user name and password details in an HTML form, and submit them to login to a system. Using HTML form-based authentication, normal HTTP authentication features such as HTTP Basic or HTTP Digest are not used. Instead, the user name and password are typically sent as HTML <FORM> data in an HTTP POST over SSL.

When the HTML Form-based Authentication filter is configured, the Enterprise Gateway can authenticate the user details specified in the HTML form against a user profile stored in the Enterprise Gateway local repository, a database, or an LDAP directory.

Configuration

To configure the HTML Form-based Authentication filter, complete the following fields:

Name
Enter an appropriate name for the filter.

Username
Enter the name of the HTML form field in which the user enters their username. Defaults to username.

Password
Enter the name of the HTML form field in which the user enters their password. Defaults to password.

Credential Format
You must specify the format of the user credentials presented by the client because the Enterprise Gateway has no way of telling one credential format from another. Select from User Name or Distinguished Name in the drop-down list. The selected format is then used internally by the Enterprise Gateway when performing authorization lookups against third-party Identity Management servers.

Repository Name
This specifies the name of the Authentication Repository where all user profiles are stored. This can be in the Enterprise Gateway's local repository, in a database, or in an LDAP directory. Select a pre-configured Repository Name from the drop-down list.

You can add a new repository by right-clicking the appropriate node under External Connections -> Authentication Repository Profiles (for example, Database Repositories), and selecting Add a new Repository. For more details, see the Authentication Repository tutorial.