Internal authenticators aim to identify users trying to access http based resources located on the local PAS server itself. The config UI, for instance, is by default protected by an internal authenticator.
A successful authentication typically will create an authenticated http session.
Flow described in image below.
All the internal authenticators share some properties. These properties are covered here.
Note that some may not be applicable due to context specifics. For instance, template properties will have no effect on authenticators not using templates.
Detailed properties description
All internal authenticators ultimately ends with a redirect to a preconfigured location. By setting:
Any query data present at first entry will be added to the redirect.
When wanting to use session data when rendering templates this can be achieved by setting:
In this case template will try to find mobile and mail in session and try to inject their value into the template.
Note that only single values are supported. Null or empty is rendered as empty.
In templates allowing for users to change the language disable language meny by setting:
Almost all templates have an icon element defined. By changing this the icon can be customized. Note that the path is relative from <INSTALLATION_ROOT>/mods/com.phenixidentity~auth-http~x.x.x/web/
Used for adding additional translation. Two possible types of configuration:
This will inject the value found in the key "custom.key.valy" in the current locale.
"key": "title","mapKeyTo": "ppsspassms.messages.title"
This will try to find the element "title" and inject the value stored in "ppsspassms.messages.title" for the current locale.
Both configuration options can be used.
Use for context specific configuration. This is often proprietary bound to the template used.