Allow getting displayName/e-mail with auth.type=HTTP
When using HTTP-based authentication, the SSO can be
delegated to check not only the user credentials
but also to fetch the full user-profile (e.g. SiteMinder does).
With the config properties auth.httpDisplaynameHeader
and auth.httpEmailHeader it is possible to configure
the name of the headers used for propagating this
extra information and enforce them on the user profile
during login and beyond. This allows the company to
take full control of the user profile through a unique
entry point using HTTP authentication.
This is particularly useful if we consider all the
existing authentication mechanisms available with
an HTTP front-end reverse proxy:
- Kerberos
- Radius
- Generic SQL Database
- SiteMinder
- OAuth
Change-Id: I12f9cc0386acd11c03eeaa7475e4e9e8ab94a555
6 files changed
