How would a custom authentication module get access to request cookies?

Hi, I'm considering writing a server-side plugin for authenticating against our internal SSO server.  To support the authentication, I would need to pass along a cookie from the request to the SSO server.  This may be a stupid question (I have almost no experience writing plugins), but how would I get hold of that cookie?  I have taken a look at but don't see a way to get hold of the HTTP request object.

Also, would the REST API automatically use the custom authentication module, so that if I passed a bogus username and password but a valid SSO cookie, auth would succeed?


Please sign in to leave a comment.