AnsweredAssumed Answered

Using HCP HS3 with AD Authentication

Question asked by Aleksandr Rainchik on Oct 30, 2018
Latest reply on Nov 1, 2018 by Aleksandr Rainchik

HCP Documentation states that we can use Active Directory accounts for HS3 authentication by passing HTTP Header

 

Active Directory authentication

To provide credentials for Active Directory authentication, you use the Authorization request header with a value in the format shown below:

Authorization: AD ad-username:ad-password

In this format:

ad-username is the AD user account username.

ad-password is the AD user account password.

Here’s an example of an Authorization header for AD authentication:

Authorization: AD lgreen@example.com:p4sswOrd

 

AWS Java SDK allows me to add custom headers, so I'm ok here, but SDK still expects me to pass Basic AWS authentication information. If I use empty or random string - I get this error:

 

com.amazonaws.SdkClientException: Unable to load AWS credentials from any provider in the chain 

        at com.amazonaws.auth.AWSCredentialsProviderChain.getCredentials(AWSCredentialsProviderChain.java:131)

        

So how do I tell AWS Java SDK to use AD Authorization header only and do not pass any AWS authentication data?

 

Thank you!

Outcomes