Upstream authentication
A dynamic whitelist filtering method that protects web applications against unauthorized access. Before a query is forwarded from a user to an application, upstream authentication ensures that the user does actually have access authorization. This completely excludes the greatest risk of all for web applications – attacks by unknown perpetrators. When authentication is delegated to this upstream instance (such as a web application firewall), it also becomes very easy to implement single sign-on scenarios across multiple web applications.