Altair® Panopticon

 

Header

It is possible to use a web-facing Panopticon Real Time behind a proxy server that will handle the authentication of users. The proxy server forwards the name of the user and roles to Panopticon Real Timeas HTTP headers for every request.

For requests where headers are blank or missing, they are treated like anonymous requests while requests where the user HTTP header are valid are treated like authenticated requests with that specific username. 

Requests from the proxy server are fully trusted and checks are no longer performed at Panopticon Real Time with regard to the validity of the username. The authorization on workbooks and administration will work as usual.

To activate the Header authentication, add or update the following properties in the Panopticon.properties  file:

authentication.type=HEADER

authentication.header.role.delimiter=,

authentication.header.roles={roles header}

authentication.header.rolesdynamic={dynamic roles header}

authentication.header.username={userid header}

 

For example:

authentication.type=HEADER

authentication.header.role.delimiter=,

authentication.header.roles=X-Roles,X-Company

authentication.header.rolesdynamic=watcher,role_for_{X-Company}

authentication.header.username=X-User