Creating an Identity Injection Policy for Basic Authentication

This section explains how to enable single sign-on by creating an Identity Injection policy that injects the user’s authentication credentials into a header. The web server uses the credentials in the authentication header to satisfy its login requirements.

On the Home page, click Access Gateways > Edit > DAL > Dallistener > Protected Resources.
In the Protected Resource List, click sales_page.
Click Identity Injection > Manage Policies > New.
For the new policy, fill in the following fields:

Name: Specify Basic_Auth for the name.

Type: Select Access Gateway: Identity Injection for the type.
Click OK.
In the Actions section, click New, select Inject into Authentication Header, then select the following values:

User Name: Select Credential Profile. The LDAP Credentials: LDAP User Name value is automatically selected for you. This credential is the cn attribute of the user.

Password: Select Credential Profile. Click LDAP Credentials: LDAP User Name, then select LDAP Credentials > LDAP Password.

Your policy must look similar to the following:
Click OK to close the policy editing page, then click OK to close the Rule List page.
In the Policy List page, click Apply Changes, then click Close.
Select the Basic_Auth check box, click Enable, then click OK.
Click OK to return to the Protected Resource List. Your list must look similar to the following:
To save your configuration changes, click Access Gateways link, then click Update > OK.
To test the configuration:
1. Open a new browser, then enter the URL of the Digital Airlines website you created.
  
  In this example, it is am3bc.provo.novell.com.
2. Log in as Tom.
  
  The Digital Airlines site must appear with Sales System.
3. Click Sales System. You must have access to the Sales System site, as shown below:
  
  For more information about Identity Injection policies, see Section 7.4, Identity Injection Policies.
4. Close all sessions of the browser.