|
Sesame is a Reverse Proxy that provides authentication and authorization
services for all incoming HTTP traffic, in addition to offering
transparent web SSO to protected applications.
-
Mapping of any part of the incoming URL to an application, and
rewriting it to that application's URL (regular expression
replacements are supported). The mapping is defined in an XML file.
-
Store all cookies and HTTP headers on behalf of the client. Note:
permanent cookies are not supported in the first release.
-
Support for Web SSO for BASIC and Form-Based authentication. The
SSO parameters (names of the form-based parameters, authentication
type, authenticating URL, etc.) are defined per application in an XML
configuration file.
-
Support for user credentials (user name + password) and user roles.
-
The data store is an XML file in the first version (but the design is
flexible enough to allow any type of data store to be used). Later
versions will provide built-in LDAP support.
-
No planned support in release 1 for extracting a session id that an
application has URL-encoded, i.e. it will be sent as is to the client,
along with the Sesame session id (either in a cookie or URL-encoded).
We must be careful with session ids so that they don't clash.
-
Support of HTTP 1.0 and 1.1.
-
No support for HTTPS (SSL) with applications in release 1. It will be
provided in future releases.
-
Passing of information to called applications, such as:
username, roles, language, country, device. The language, country and
device (user-agent) are passed as standard HTTP headers. Username and
roles are passed either as URL parameters or POST parameters
(configurable per application in the XML configuration file).
-
No dynamic reconfiguration for release 1. This will be provided in
subsequent versions.
-
Performance is important for a reverse proxy. Release 1 will provide
benchmarks.
-
No page parsing to replace URLs in release 1. This will be provided
in subsequent releases.
|
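The URL mapping and the passing of username and roles as URL parameters, sketched as an added example (not Sesame code). The mapping table stands in for the XML file, whose schema the page does not show; the hosts, field names and parameter names are assumptions. Because the backend trusts these parameters, the proxy drops any copy the client sent before adding its own.

```python
import re
from urllib.parse import urlsplit, urlunsplit, parse_qsl, urlencode

# Hypothetical mapping table standing in for the XML mapping file.
# Patterns, backend hosts and parameter names are constructed for illustration.
MAPPINGS = [
    {"pattern": re.compile(r"^/mail/(.*)$"),
     "target": r"http://mail.internal.example:8080/webmail/\1",
     "user_param": "username", "roles_param": "roles"},
    {"pattern": re.compile(r"^/hr/(.*)$"),
     "target": r"http://hr.internal.example/\1",
     "user_param": "uid", "roles_param": "groups"},
]

def route(incoming_url, username, roles):
    """Map an incoming URL to its backend URL and attach the authenticated
    identity as URL parameters. Returns None when no mapping matches."""
    parts = urlsplit(incoming_url)
    for m in MAPPINGS:
        if not m["pattern"].match(parts.path):
            continue
        # Regular expression replacement of the incoming path.
        backend = urlsplit(m["pattern"].sub(m["target"], parts.path))
        reserved = {m["user_param"], m["roles_param"]}
        # Drop client-supplied copies of the identity parameters so the
        # backend only sees the values the proxy authenticated.
        query = [(k, v)
                 for k, v in parse_qsl(parts.query, keep_blank_values=True)
                 if k not in reserved]
        query.append((m["user_param"], username))
        query.append((m["roles_param"], ",".join(roles)))
        return urlunsplit((backend.scheme, backend.netloc, backend.path,
                           urlencode(query), ""))
    return None  # unmapped URLs are not forwarded

if __name__ == "__main__":
    # Constructed request: the client tries to smuggle its own identity.
    print(route("/mail/inbox?folder=1&username=admin&roles=admin",
                "alice", ["user"]))
```

The parameter-name match is exact; a backend that treats parameter names case-insensitively would need the filter to compare case-folded names.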