The various sorts of plugins and script in the Gateway, get fed with a StateHolder object which contains all information about the current request - plugins manipulate the content of this object, e.g. by using the Agent within to authenticate, or by changing the request attributes.
When scripts are called, the variable "context" points to this object.
Allows authenticating using HTTP Basic Authentication - meaning the HTTP Request Header "Authorization" with contents "Basic xxxxxxx" where xxxxxxx is a base64 encoded version of userid:password. Please note that the password is not encrypted, but just encoded using base64 encoding, which makes this a relatively weak authentication method so the entire transport must be appropriately encrypted, using HTTPS.
Supports using FORMS authentication, where user can authenticate using HTTP query or POST parameters. Is also often used to simply redirect to another forms page somewhere else - e.g. in a login application if the user is not authenticated.
Supports NTLM authentication in an intranet environment.
Supports SPNEGO/Kerberos with NTLM fallback types of authentication in intranet environments.
Allows use of OpenID Connect authentication - supports redirecting to authentication providers and handles the response from them - supports use of Authorization Code flow to obtain an ID/Access token from an authorization code.
Allows authenticating clients using SSL Client certificate.
Allows using ADFS / SAML WebSSO / WSTrust to authenticate users - supports acting both as an identity provider, and a relying party.
Allows using a cookie with an LTPA Token to authenticate users - enables easier SSO with IBM products such as WebSphere, Liberty Server and iNotes.
Allows using an API Key to authenticate a caller - usually used when making REST calls.
For the AuthenticatorScript, you can script authentication based upon the incoming request. Below is an example that looks in HTTP headers or query parameters named X-User and X-Password.
If found, it will attempt to authenticate the user.