Browse to WordPress. If you are not already logged into OpenAM you
should be redirected to the OpenAM login page. You should login with user
name george and password constanza.
After login you should be redirected back to the WordPress portal homepage.
Now click on the login link and OpenIG logs you in as George Costanza.
To see what is happening behind the scenes, take a look at
$HOME/.ForgeRock/OpenIG/config.json. Look for the
HandlerServlet. This is the servlet entry point to OpenIG. Notice it is
calling the DispatchHandler. The DispatchHandler has a condition which
checks for the presence of wp-login.php (the login
page) in the URI path. If the condition is false (no login page), the
ClientHandler is called sending the request on to the WordPress. If the
condition is true, the Gateway has found the login page, and calls the
LoginChain for further processing. The LoginChain calls its filters, the
CryptoFilter, which looks for the replay password header and decrypts it,
the LoginRequestFilter, which creates the login form, and then calls the
ClientHandler to send the form to the WordPress. If you look at the
LoginRequestFilter, you notice it defines the method, URI, and form
parameters for the request which is sent by the ClientHandler. In the
form parameters you see the user name and password retrieved from the user
name and replay password headers in the HTTP request. These headers are
created by the OpenAM agent from the user's OpenAM session and the replay
password header is decrypted by the CryptoFilter prior to the
LoginRequestFilter being executed.
