Protected resource with session sequence flow

The protected resource, with session sequence describes the sequence of events which occur when a user attempts to access a protected web resource, in a known application, where an existing Access Gateway session already exists.

Sequence flow




1 User requests resource.
2 Access Gateway checks for session.
Session exists for requested application.
3 Access Gateway checks if resource is protected.
4 Access Gateway evaluates timeouts and behaves as defined by Application session timeout interaction.


Access Gateway evaluates request in the context of any associated policy


Access Gateway forwards request with all defined headers to application.


Application returns request to Access Gateway.


Access Gateway rewrites and returns response to User.

Related topics

Reference architectures

About Access Gateway DNS use

About Access Gateway high availability

About Access Gateway prerequisites