Writing a Remote SSO Headers/Cookies Resource Policy

Remote SSO Headers/Cookies resource policies specify customized Web applications to which the system posts custom headers and cookies.

When creating a Headers/Cookies policy, note that the system does not parse or "understand" the headers that you enter in this section. For instance, if you add an Accept-Encoding: gzip or Accept-Encoding:deflate header, it does not mean that the system can handle gzip content or deflated content.

To write a remote SSO Headers/Cookies resource policy:

1.In the admin console, select Users > Resource Policies > Web.

2.If your administrator view is not already configured to show SSO policies, make the following modifications:

1. Click the Customize button in the upper right corner of the page.
2. Select the SSO check box.
3. Select the Headers/Cookies check box below the SSO check box.
4. Click OK.

3.Select the SSO > Headers/Cookies tab.

4.On the Headers/Cookies Policies page, click New Policy.

5.Enter a name to label this policy (required) and a description of the policy (optional).

6.In the Resources section, specify the resources to which this policy applies.

7.In the Roles section, specify:

•Policy applies to ALL roles - To apply this policy to all users.

•Policy applies to SELECTED roles - To apply this policy only to users who are mapped to roles in the Selected roles list. Make sure to add roles to this list from the Available roles list.

•Policy applies to all roles OTHER THAN those selected below - To apply this policy to all users except for those who map to the roles in the Selected roles list. Make sure to add roles to this list from the Available roles list.

8.In the Action section, specify:

•Append headers as defined below - Post the user data specified in the POST details section to the specified URL when a user makes a request to a resource specified in the Resources list.

•Do NOT append headers as defined below - Do not post the user data specified in the POST details section to the specified URL when a user makes a request to a resource specified in the Resources list.

•Use Detailed Rules - Select this option to specify one or more detailed rules for this policy.

9.In the Headers and values section, specify the:

•Header name - The text for to send as header data.

•Value - The value for the specified header.

If you need to forward a cookie to a backend server, you must set the Header Name field to "Cookie" and the Value field to "CookieName=CookieValue".

10.Click Save Changes.

11.On the Headers/Cookies Policies page, order the policies according to how you want to evaluate them. Keep in mind that once the system matches the resource requested by the user to a resource in a policy's (or a detailed rule's) Resource list, it performs the specified action and stops processing policies.