The "On Behalf Login Steps" share common information and during each step the information:
- They start with the general identity propagation context information.
- Then steps may add pieces of information (like CSRF-tokens).
- After all steps have been executed, the cookies defined in the cookie-mappings are retrieved.
- Then the cookies are modified according to the cookie-mappings and returned in the final redirect response to the Airlock Gateway (WAF).
All On Behalf Login steps are performed by the same Http Client instance configured through the "Http Client" property. On Behalf Login Steps share information about the state of the on-behalf-login process through a Step Context. A particular step can store for example an extracted value from a HTTP response in this Step Context to make it available for use in further steps. The task of the "On Behalf Login Steps" is to collect the necessary information to perform the login in the target application (for e.g. CSRF-tokens) and finally to perform the login into the target application.
Typically, a "Http Post On Behalf Login Step" is configured as final step which performs the login with all the collected information. Cookies set by the target application while performing the On Behalf Login Steps are collected, undergo a mapping and are then propagated to Airlock. Be sure that Airlock has set the "Interpret Cookie Domain" option such that it sends the session cookie upon further requests to the back-end application.
Available steps:
- CSRF Token Extraction Step: Performs a HTTP GET request and extracts a CSRF-token from the resulting page.
- HTTP POST Step: Performs a HTTP POST request.
- HTTP GET Step: Performs a HTTP GET request.