|  | 
                            
                  
    
    
        Sesame is a Reverse Proxy that provides authentication and authorization
        services for all incoming HTTP traffic, in addition to offering
        transparent web SSO to protected applications.
       
          
    
    
        
          Mapping of any part of the incoming URL to an application and
          mapping to that application URL (supports regular expression
          replacements). The mapping is defined in an XML file.
        
          Store all cookies and HTTP headers on behalf of the client. Note:
          permanent cookies are not supported in the first release.
        
          Support for Web SSO for BASIC and Form-Based authentication. The
          SSO parameteres (Form-based parameters named, authentication type,
          authenticating URL, etc) are defined per application and in an XML
          configuration file.
        
          Support for User credentials (user name + password) and User roles
        
          Data store is an XML file in the first version (but flexible to allow
          any type of Data store to be used). Later versions will provide
          built-in LDAP support.
        
          No planned support in release 1 to extract the session if URL
          encoded by an application, i.e. it will be sent as is to the client,
          along with Sesame session id (either in Cookie or URL encoded). We
          must be careful with session ids so that they don't clash.
        
          Support of HTTP 1.0 and 1.1.
        
          No support of HTTPS (SSL) with applications in release 1. Will be
          provided in future releases.
        
          Passing of information to called applications, such as :
          username, roles, language, country, device. The Language, country and
          Device (user-agent) are passed as standard HTTP headers. Username and
          roles are passed either as URL parameters or POST parameters
          (configurable per application in the XML configuration file).
        
          No dynamic reconfiguration for release 1. This will be provided in
          subsequent versions.
        
          Performance is important for a reverse proxy. Release 1 will provide
          benchmarks.
        
          No page parsing to replace URLs in release 1. This will be provided
          in subsequent releases.
         |