Best practices: Header applications
The most common Access Gateway integration involves legacy Web Access Management (WAM) applications based on values contained in request headers.
WAM solutions:
- May be custom build, or third party solutions such as Oracle Access Manager, CA Siteminder, or others.
- Rely on header attributes for single sign-on.
- Were often deployed behind proxy web-servers such as Apache.
- Involves validating application header contents before testing with back end protected web resources.
When configuring an application for header based single sign-on make sure you review the steps to place the application behind a proxy server. Many Access Gateway troubleshooting situations arise not from SSO but because the application was incorrectly configured for a proxy server.
Review attribute requirements
Before integrating any header-based application examine all required and expected header elements. Ensure that the application definition in Access Gateway includes all required attributes.
Application was previously served by Apache HTTP Server
In situations where protected web resources were previously fronted by Apache, Apache may have added header elements to requests before they were forwarded.
The Apache mod_header file often defined all required header fields and can be used as a source of information for expected header content.
Proxy and load balancers
Many applications use the terms web proxy and load balancer interchangeability. Examine any documentation related to web proxies, load balancers, and related content to determine application attribute value requirements.