In the regular non-PDF scenario you describe, consider when the site serving the HTML and images is protected using Basic Authentication. In that scenario after you’ve logged in to get the main HTML page, each request for the images contain the Authorization header with a value such as “Basic c2ltb246c2ltb24=”. It doesn’t use sessionids or cookies to identify the user.

In our scenario the Tivoli proxy in front of our application server adds the iv_user header to requests that are forwarded to the application server. The application server looks for that header to identify the user.

To get this to work with Flying Saucer / xhtmlrenderer I wrote a custom UserAgentCallBack which copied the request header from the initial request through to those being used to generate the PDF. This solved the authentication problem for both Basic Auth (as we have in our development environment) and for the custom Tivoli header we have in our production environment.

Is there a way to do something similar with PD4ML ?

Or, preferably, can PD4ML.useHttpRequest() be made to read the headers in the HTTP request provided and use them in requests being made by PD4ML to generate the PDF?