With this mechanism Pure can authenticate a user taken from a predefined HTTP header (set by a web client or web server in front of Pure)

Required configuration steps

No configuration required

Optional configuration

• To use a header with a different name than REMOTE_USER this can be changed in Principal Request Header

Note that this mechanism logs in users without validating any credentials. A secure setup will require a web server in front of Pure to control that no un-authorized client can send the header to Pure.