AnsweredAssumed Answered

Apache Basic authentication + Siteminder authentication

Question asked by NeerajChase on Feb 28, 2015
Latest reply on Mar 4, 2015 by Karmeng

Hello Everyone,


Has anyone implemented apache basic authentication feature along with siteminder authentication.


We have a business requirement where customer wants apache basic authentication to be enabled for a resource and siteminder authentication should also work.


Here is the use case:


1. I have a resource /mobile/htmlsso.jsf fully protected and /mobile/index.jsf anonymous protected.

2. There are few resources for e.g. /mobile?partnerid=80company=test on which apache basic prompt is enabled.

3. There are few more resource with basic prompt enabled, just that their query parameter value will get changed.

4. Now, with siteminder agent not installed, when user access /mobile/index.jsf he doesn't get basic prompt and when he access /mobile?partnerid=80company=test, he gets apache basic prompt which is correct as per conditions.

5. When siteminder is enabled, if we hit /mobile/index.jsf it shows up the apache prompt where as conditions of query parameters like partnerid=80 is not matching. Also /mobile/index.jsf is anonymously protected. So showing up prompt is not the correct behaviour with siteminder enabled.

6. Further if we give basic creds on that pop and then try to do login on resource /mobile/htmlsso.jsf which is fully protected with siteminder, siteminder login doesn't work, it just hangs up in the browser and nothing comes up which is really strange.

7. From the agent logs it appears that it only checked if /mobile/htmlsso.jsf is protected and collecting credentials but nothing apart from that.

8. When we hit /mobile/index.jsf, and pop-up appears, only logs we see is it is anonymously protected, nothing else.


I know the basic prompt feature of apache can also be fullfilled with siteminder but customer wants this apache pop-up to be enabled as they have some restrictions.


I want to know if anyone has worked on a case where apache prompt and siteminder login both are working. If yes, please share your views on this. if you need any info, I will be able to provide you.