AnsweredAssumed Answered

Cookie handling for session establishment in CA API Gateway

Question asked by Apoorvkapil on Sep 9, 2016
Latest reply on Nov 30, 2016 by Stephen_Hughes

Hi,

 

I want to know how can i handle session using cookies in CA API Gateway(Layer7) Level.

Consider i don't have siteminder , I m just using standalone Software gateway 9.1 

 

USE CASE :

 

Consider my Request Information is like this,

 

Layer 7 Request URL :  https://l7host.com/listofproduct 

Method : GET,POST

security : Basic Authentication (username , password)

 

Another  Layer7 Request URL: "http://l7host.com/product/xyz"

Method: GET,POST

Security : Basic Authentication (username , password)

 

Now my use case is, i want if a user is Authenticated once using basic authentication , other API should not ask me for Authentication again.

 

this is considering only a rich client application(web based) is accessing my APIs which are capable of handling cookies.

 

Questions:

 

1. How can i do basic authentication from external Ldap(already configured) and store cookie after successful authentication, and if not prompt for basic authentication. 

2.  how can i handle the cookies using assertion across the different policies (APIs) , so that if a user already authenticated he not need to be authenticate again and cookies transfers across the different APIs .

 

 

Outcomes