The figure and the steps below detail the flow between the browser, OpenIG and the portal for a basic login sequence to the portal. The key concept to understand is all requests to the application are routed through OpenIG by modifying the DNS entry for the target application. OpenIG can then be configured to intercept specific pages, such as login pages, and create requests to log the user in.
-
User browses to the Portal, browser host makes a DNS request to get the IP address for
demo.forgerock.com, DNS returns the IP address of OpenIG. -
Browser sends the request to OpenIG.
-
OpenIG inspects the request, finds no login page match.
-
OpenIG forwards the original request to the Portal.
-
Portal finds no local application session and redirects to the Portal login page.
-
OpenIG intercepts the redirect, inspects the request, finds a login page match.
-
OpenIG creates the login form.
-
OpenIG POSTs the login form to the Portal.
-
Portal validates the login and redirects to the Portal end user page.
-
OpenIG receives the final redirect and passes it back to the Browser.
