Another way to get the session token?

0

When a user wants to purchase my SaaS, AWS spawns a copy of my app and includes a token in the header. I need to use that token to call ResolveCustomer(). But AWS is not calling my app directly. Instead, due to security needs, AWS spawns a copy of OneLogin/SAML where it checks the user's authentication. After the authentication, OneLogin/SAML spawns my application. The problem is that OneLogin is not forwarding the token to my application. So my app cannot run ResolveCustomer() to continue the handshake between AWS and my app. OneLogin is running in a different process than my application.

I have tried stuffing the token into a cookie for my application to use, but there are limitations on sending two cookies at once in PHP. So, besides using a cookie, is there any AWS SDK function that will allow my app to request the cookie, rather than through the POST?

Rich
asked 9 months ago, 214 views
1 Answer
1

While I don't have a direct answer, I do have guidance that may help. Consider manipulating POST and cookie information using CloudFront. Through Lambda@Edge functions you can read and manipulate the HTTP request body, headers, and cookies. This occurs before the request traffic reaches your application.

Hope this helps. Please approve this answer if it does.

answered 9 months ago
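
One way to apply the Lambda@Edge idea from the answer above, as an added example that is not part of the original answer and not AWS's own code: a viewer-request function that lifts the token out of the POST body and hands it to the browser as a short-lived, HttpOnly cookie before the SAML redirect happens. It assumes the token arrives as the form field `x-amzn-marketplace-token`, that "Include body" is enabled on the function association, and the cookie name `mp_reg_token` is hypothetical.

```javascript
// Added example: Lambda@Edge viewer-request handler (Node.js).
// Assumptions: token is a POST form field, "Include body" is enabled,
// and the cookie name is hypothetical.
const TOKEN_FIELD = 'x-amzn-marketplace-token';
const COOKIE_NAME = 'mp_reg_token'; // hypothetical
const MAX_ENCODED_LEN = 3800;       // stay under the ~4 KB per-cookie browser limit

// Returns the token string, or null if absent or unusable.
function extractToken(request) {
  const body = request.body;
  if (request.method !== 'POST' || !body || !body.data) return null;
  if (body.inputTruncated) return null; // token may be cut short; do not trust it
  const raw = body.encoding === 'base64'
    ? Buffer.from(body.data, 'base64').toString('utf8')
    : body.data;
  const token = new URLSearchParams(raw).get(TOKEN_FIELD);
  if (!token || encodeURIComponent(token).length > MAX_ENCODED_LEN) return null;
  return token;
}

// Returns the unchanged request, or a generated 303 response that sets the cookie.
function buildResult(request) {
  const token = extractToken(request);
  if (token === null) return request;
  const cookie = `${COOKIE_NAME}=${encodeURIComponent(token)}; ` +
    'Max-Age=300; Path=/; Secure; HttpOnly; SameSite=Lax';
  return {
    status: '303',
    statusDescription: 'See Other',
    headers: {
      location: [{ key: 'Location', value: request.uri }],
      'set-cookie': [{ key: 'Set-Cookie', value: cookie }],
      'cache-control': [{ key: 'Cache-Control', value: 'no-store' }],
    },
  };
}

const handler = async (event) => buildResult(event.Records[0].cf.request);
if (typeof module !== 'undefined') module.exports = { handler };

// Constructed sample request (not captured traffic).
const SAMPLE_REQUEST = {
  method: 'POST', uri: '/register', headers: {},
  body: { inputTruncated: false, action: 'read-only', encoding: 'base64',
    data: Buffer.from('x-amzn-marketplace-token=abc%2B123%3D&other=1').toString('base64') },
};
```

The application would read the cookie once the SAML round trip returns, pass the decoded value to ResolveCustomer(), and then expire the cookie.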
