000021841 - How to use WAX API to retrieve 3rd-party cookie and return it to client

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000021841
Applies ToRSA ClearTrust Web Agent Extension (WAX) API
IssueHow to use WAX API to retrieve 3rd-party cookie and return it to client
How to use WAX API to execute HTTP request against another web server and set its cookie on the client
CauseCustomer is using WAX to post user's credentials to another (internal) site, which will return a cookie that must be placed on the client's machine - this ensures that, when navigating to the other site, that site's cookie will already be present (thus effecting SSO)
ResolutionRSA ClearTrust Agents operate in phases, with each phase covering a step in the process of protecting resources, the last phase being cookie setting. Any phase may have an arbitrary number of phase handlers registered via the WAX API and executed prior to the agent's phase handler. Custom code is written as a phase handler to execute a post operation against the 3rd-party site, retrieving that site's cookie. The user's credentials are retrieved from the request data table, a hash table named ct_request_data. Once the 3rd-party site's cookie data is obtained, it can be added to the cookies to be returned to the user in a Set-Cookie: header with the function ct_set_cookie_header( ) (see ct_request_data.h).

See the WAX API documentation for more details.

NOTE: This solution only works if all web servers are in the same domain. The browser cookie issued by the agent is always issued to the web server domain of the agent.
Legacy Article IDa25302