|Applies To||RSA ClearTrust Web Agent Extension (WAX) API|
|Issue||How to use the WAX API to retrieve a 3rd-party cookie and return it to the client
How to use the WAX API to execute an HTTP request against another web server and set its cookie on the client
|Cause||The customer is using WAX to post the user's credentials to another (internal) site, which returns a cookie that must be placed on the client's machine. When the user then navigates to the other site, that site's cookie is already present, which effects SSO.
|Resolution||RSA ClearTrust Agents operate in phases. Each phase covers one step in the process of protecting resources, and the last phase is cookie setting. Any phase may have an arbitrary number of phase handlers registered via the WAX API; these are executed prior to the agent's own phase handler. Custom code is written as a phase handler that executes a POST operation against the 3rd-party site and retrieves that site's cookie. The user's credentials are retrieved from the request data table, a hash table named ct_request_data. Once the 3rd-party site's cookie data is obtained, it can be added to the cookies returned to the user in a Set-Cookie: header with the function ct_set_cookie_header() (see ct_request_data.h).
See the WAX API documentation for more details.
NOTE: This solution only works if all web servers are in the same domain. The browser cookie issued by the agent is always issued to the web server domain of the agent.
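The same-domain limitation in the NOTE can be checked before a 3rd-party cookie is relayed. The C code below is an added example, not RSA's code and not part of the WAX API: it applies the RFC 6265 domain-match rule to decide whether a cookie relayed from the agent's host would be stored by the browser and later sent to the 3rd-party host. The function names and host names are assumptions made for illustration, both hosts are assumed to be DNS names, and the browser's public-suffix check is not modelled.

```c
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* RFC 6265 5.1.3 domain-match: host equals domain, or ends with "." + domain. */
static int domain_match(const char *host, const char *domain)
{
    size_t hl = strlen(host), dl = strlen(domain);
    if (dl == 0 || dl > hl) return 0;
    if (strcasecmp(host + (hl - dl), domain) != 0) return 0;
    return hl == dl || host[hl - dl - 1] == '.';
}

/* Copy the Domain attribute of a Set-Cookie value into out (leading dot dropped).
   Returns 1 if present, 0 if absent or empty (the cookie is then host-only). */
static int cookie_domain(const char *set_cookie, char *out, size_t outlen)
{
    const char *p = set_cookie;
    while ((p = strchr(p, ';')) != NULL) {
        p++; while (*p == ' ') p++;
        if (strncasecmp(p, "domain=", 7) == 0) {
            p += 7; if (*p == '.') p++;
            size_t n = strcspn(p, "; ");
            if (n == 0 || n >= outlen) return 0;
            memcpy(out, p, n); out[n] = '\0';
            return 1;
        }
    }
    return 0;
}

/* 1 if a cookie relayed by agent_host is stored by the browser AND sent to target_host. */
int relay_gives_sso(const char *agent_host, const char *target_host, const char *set_cookie)
{
    char dom[256];
    if (!cookie_domain(set_cookie, dom, sizeof dom))   /* host-only: bound to agent_host */
        return strcasecmp(agent_host, target_host) == 0;
    return domain_match(agent_host, dom) && domain_match(target_host, dom);
}

int main(void)
{
    /* Constructed sample values, not taken from any real deployment. */
    printf("%d\n", relay_gives_sso("portal.example.com", "app.example.com", "SID=abc; Domain=.example.com; Path=/"));
    printf("%d\n", relay_gives_sso("portal.example.com", "app.example.com", "SID=abc; Path=/"));
    return 0;
}
```

A result of 0 means the relayed cookie would either be rejected by the browser or never presented to the 3rd-party site, so the SSO hand-off described above would not take effect.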
|Legacy Article ID||a25302|