Dear
Abhishek Soni,
It's not because of the "Authenticate Against Identity Provider", it's because of "Require HTTP Basic Credentials".
Browser popup is how the basic authentication works.
If you want to show login html, you would have to handle the whole authentication flow, for example,
client (browser) -> login endpoint(on gateway, return template response as login html page) -> user input credential on login page, POST the credential as form data parameters to the API endpoint on gateway -> read the credential parameters and construct a credential XML context variable -> Require XPath Credentials Assertion -> Authenticate Against Identity Provider
Before we "Authenticate Against Identity Provider", we need a credential object, we have different assertion for different credential source, "Require HTTP Basic Credentials" and "Require XPath Credentials Assertion" are 2 of them, the former creates credential object from request
Authorization header, the later picks up username/password from an XML. (by default it should read from the xml payload of the request, but you can set the target as a context variable -- the credential xml we construct from form data parameters)
HTTP Basic authentication is much easier, as the browser build the authorization header for you.
Regards,
Mark
Original Message:
Sent: 10-11-2020 09:57 PM
From: Abhishek Soni
Subject: Authentication - Show login page instead of browser popup
I am trying to authenticate a user from a LDAP source(Microsoft Active Directory), so I used the access control assertion: "Authenticate Against Identity Provider". CA API Gateway shows a browser popup when we use this assertion.
How can we configure the the gateway to show a login html page instead of the browser popup?