Xpert.ivy uses internally an embedded Tomcat web server. Maybe your SSO-Proxy delivers support for Tomcat (e.g. a Tomcat valve or realm or filter) so that Tomcat can use the user information from your SSO Proxy and provides them to the deployed web applications. Xpert.ivy is such a deployed web application and will read the user information provided by Tomcat. If there is an Xpert.ivy user that has the same name as the one provided by Tomcat it will automatically authenticated the user without any further configuration or logic necessary. Overview how this works: Client -> SSO-Proxy -> Tomcat -> SSO-Proxy-Valve -> Xpert.ivy SSO-Proxy: Delivers user name in UID http parameter SSO-Proxy-Value: Reads UID parameter and sets user principal on the tomcat request Xpert.ivy: Reads the user principal from the tomcat request and lookup a Xpert.ivy user with the same name. If it founds one it will be authenticate on the session automatically. This works similar to SSO with IIS described in the [Server Guide][1]. The main difference is that you have to install and configure the SSO-Proxy specific Tomcat value, realm or filter. filter. The corresponding tomcat configuration files are located at: - /webapps/ivy/WEB-INF/web.xml - /webapps/ivy/META-INF/context.xml However, there is also an API to do something similar in your process: import ch.ivyteam.ivy.security.IUser; String userName = ivy.request.getParameter("UID").toString(); IUser user = ivy.session.getSecurityContext().findUser(userName); ivy.session.authenticateSessionUser(user, "SSO-Proxy"); [1]: http://xpertivy.ch/releases/Xpert.ivy/5.0.latest/documents/ServerGuideHtml/ivy.server.integration.iis.html#N216F1

Xpert.ivy uses internally an embedded Tomcat web server. Maybe your SSO-Proxy delivers support for Tomcat (e.g. a Tomcat valve or realm or filter) so that Tomcat can use the user information from your SSO Proxy and provides them to the deployed web applications. Xpert.ivy is such a deployed web application and will read the user information provided by Tomcat. If there is an Xpert.ivy user that has the same name as the one provided by Tomcat it will automatically authenticated the user without any further configuration or logic necessary. Overview how this works: Client -> SSO-Proxy -> Tomcat -> SSO-Proxy-Valve -> Xpert.ivy SSO-Proxy: Delivers user name in UID http parameter SSO-Proxy-Value: Reads UID parameter and sets user principal on the tomcat request Xpert.ivy: Reads the user principal from the tomcat request and lookup a Xpert.ivy user with the same name. If it founds one it will be authenticate on the session automatically. This works similar to SSO with IIS described in the Server Guide. [Server Guide][1]. The main difference is that you have to install and configure the SSO-Proxy specific Tomcat value, realm or filter. However, there is also an API to do something similar in your process: import ch.ivyteam.ivy.security.IUser; String userName = ivy.request.getParameter("UID").toString(); IUser user = ivy.session.getSecurityContext().findUser(userName); ivy.session.authenticateSessionUser(user, "SSO-Proxy");"SSO-Proxy"); [1]: http://xpertivy.ch/releases/Xpert.ivy/5.0.latest/documents/ServerGuideHtml/ivy.server.integration.iis.html#N216F1

Xpert.ivy uses internally an embedded Tomcat web server. Maybe your SSO-Proxy delivers support for Tomcat (e.g. a Tomcat valve or realm or filter) so that Tomcat can use the user information from your SSO Proxy and provides them to the deployed web applications. Xpert.ivy is such a deployed web application and will read the user information provided by Tomcat. If there is an Xpert.ivy user that has the same name as the one provided by Tomcat it will automatically authenticated the user without any further configuration or logic necessary. Overview how this works: Client -> SSO-Proxy -> Tomcat -> SSO-Proxy-Valve -> Xpert.ivy SSO-Proxy: Delivers user name in UID http parameter SSO-Proxy-Value: Reads UID parameter and sets user principal on the tomcat request Xpert.ivy: Reads the user principal from the tomcat request and lookup a Xpert.ivy user with the same name. If it founds one it will be authenticate on the session automatically. This works similar to SSO with IIS described in the Server Guide. The main difference is that you have to install and configure the SSO-Proxy specific Tomcat value, realm or filter. However, there is also an API to do something similar in your process: import ch.ivyteam.ivy.security.IUser; String userName = ivy.request.getParameter("UID").toString(); IUser user = ivy.session.getSecurityContext().findUser(userName); ivy.session.authenticateSessionUser(user, "SSO-Proxy");

Xpert.ivy uses internally an embedded Tomcat web server. Maybe your SSO-Proxy delivers support for Tomcat (e.g. a Tomcat valve or realm or filter) so that Tomcat can use the user information from your SSO Proxy and provides them to the deployed web applications. Xpert.ivy is such a deployed web application and will read the user information provided by Tomcat. If there is an Xpert.ivy user that has the same name as the one provided by Tomcat it will automatically authenticated the user without any further configuration or logic necessary. Overview how this works: Client -> SSO-Proxy -> Tomcat -> SSO-Proxy-Valve -> Xpert.ivy SSO-Proxy: Delivers user name in UID http parameter SSO-Proxy-Value: Reads UID parameter and sets user principal on the tomcat request Xpert.ivy: Reads the user principal from the tomcat request and lookup a Xpert.ivy user with the same name. If it founds one it will be authenticate on the session automatically. However, there is also an API to do something similar in your process: import ch.ivyteam.ivy.security.IUser; String userName = ivy.request.getParameter("UID").toString(); IUser user = ivy.session.getSecurityContext().findUser(userName); ivy.session.authenticateSessionUser(user, "SSO-Proxy");