8.1. Detailed Flow

The figure below illustrates the flow of requests for a user logging into OpenAM and then being logged into WordPress with the user name and password from the OpenAM login session.

  1. User authenticates to OpenAM, establishing a session. OpenAM is configured to capture the password, encrypt it, and then store it in the user's session.

  2. User browses to a WordPress page requiring authentication.

  3. OpenAM Agent intercepts the request, validates the user session, and populates HTTP headers with the user name and encrypted password from the session.

  4. Agent passes the original request with populated headers to OpenIG.

  5. OpenIG inspects the request, finds no match for the WordPress login page, and forwards the request on.

  6. WordPress finds no application session and redirects to its login page.

  7. OpenIG intercepts, sees the login page, and creates the login form with the user name and decrypted password from the headers inserted by the Agent.

  8. WordPress validates the login form, returns an application session and the user's home page.

  9. WordPress home page is returned to the user.
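
The following model of steps 1, 3 to 5 and 7 is an added example, not OpenAM, Agent or OpenIG code or configuration. The header names, shared key, login path, form field names and stand-in cipher are assumptions, as are the two hardening choices marked in the comments.

```python
import base64, hashlib, hmac, os
from urllib.parse import urlencode

KEY = b"constructed-demo-key"            # assumption: key shared by OpenAM and the gateway
LOGIN_PATH = "/wordpress/wp-login.php"   # assumption: path of the WordPress login page
CRED_HEADERS = ("username", "password")  # assumption: header names set by the agent

def _xor(data, nonce):
    # Stand-in cipher (HMAC-SHA256 keystream) so the model needs only the stdlib.
    # It is unauthenticated and only marks where encryption happens in the flow.
    stream = b""
    while len(stream) < len(data):
        block = nonce + len(stream).to_bytes(4, "big")
        stream += hmac.new(KEY, block, hashlib.sha256).digest()
    return bytes(a ^ b for a, b in zip(data, stream))

def capture_password(password):
    # Step 1: the password is encrypted before it is stored in the session.
    nonce = os.urandom(16)
    return base64.b64encode(nonce + _xor(password.encode(), nonce)).decode()

def decrypt_password(token):
    raw = base64.b64decode(token)
    return _xor(raw[16:], raw[:16]).decode()

def agent(request, session):
    # Steps 3-4: validate the session, then set the credential headers.
    if session is None:
        raise PermissionError("no valid OpenAM session")
    # Example's choice: discard any client-supplied copies of these headers first.
    headers = {k: v for k, v in request["headers"].items()
               if k.lower() not in CRED_HEADERS}
    headers["username"] = session["username"]
    headers["password"] = session["encrypted_password"]
    return {**request, "headers": headers}

def gateway(request):
    headers = dict(request["headers"])
    user, token = headers.pop("username"), headers.pop("password")
    if request["path"] != LOGIN_PATH:
        # Step 5: not the login page, forward (credential headers dropped here
        # as this example's choice, so the application never receives them).
        return {**request, "headers": headers}
    # Step 7: login page seen, build the form from the decrypted header values.
    body = urlencode({"log": user, "pwd": decrypt_password(token)})
    return {"method": "POST", "path": LOGIN_PATH, "headers": headers, "body": body}
```

The password is in clear text only inside the gateway and in the form it posts, so the link between the gateway and WordPress carries the same exposure as a normal login.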