HTTP Basic Auth interface

The Airlock IAM Loginapp provides an interface for HTTP Basic Authorization for username/password checks. This is useful for non-browser HTTP clients knowing how to handle HTTP Basic Auth (it also works with the browser).

If enabled in the configuration, it responds to requests on URI /http-basic-auth (relative to the Loginapp URL).

If no "Authorization" header with username and password is present in a request to the URI, an HTTP status code 401 with the corresponding WWW-Authenticate header is returned. It uses the page access-unauthorized.jsp as body.


  • In Airlock IAM, the feature can be enabled in: Loginapp >>  Authentication Settings > Group Advanced Settings > Property HTTP Basic Auth Settings
  • 30805695.png
  • On Airlock Gateway (WAF): change the Access Denied URL of the corresponding mapping to from /check-login to /http-basic-auth.