LOGBOOK

HELP

Quiz Entry - updated: 2026.06.20

How does delegated authentication work with a reverse proxy?

A reverse proxy sits in front of the apps and handles login centrally: unauthenticated requests are redirected to a login service, and only after a session is established does the proxy forward traffic to the app — so the apps never deal with passwords and SSO becomes possible.

Flow:

  1. Client requests /application1 → Reverse Proxy
  2. Proxy checks: No authenticated session → Returns 302 redirect to /login
  3. Client GETs /login → Receives HTML login form
  4. Client POSTs credentials → Authentication Service verifies
  5. On success: Session established, 302 redirect back to /application1
  6. Client requests /application1 with session → Proxy forwards to Application

Benefits:

  • Applications don't handle authentication directly
  • Centralized authentication logic
  • Single Sign-On (SSO) possible across multiple applications

From Quiz: SPRG / Authentication & Session Management | Updated: Jun 20, 2026