blmulholland wrote:

> For one of the form-based login apps I put some log statements in, and
> except when the login form submits, there are no credentials supplied
> to the app upon further requests. In fact, some other developers
> engaged in a workaround because of this, acquiring connection to a
> particular backend product and holding the connection for the life of
> the session.
> Can NAM be configured to always supply the user/pass in the header
> upon each request? That would be the absolute ideal solution. If
> you could describe or link me to a document where this is explained,
> I would love that.

On the proxy you configure you can configure a protected resource for
lets say /* and then assign a identity injection policy to that. Every
url accessed will then have this II policy applied.