security - SSO for two applications that use different identity providers -


i want perform sso between 2 web apps. here scenario:

apps & b (both provide restful api). app b uses form based authentication , can not make modifications app b. also, app , app b maintains different user stores authentication.

user registers in app , after registering, logs in app , calls api app b require user authentication.

the goal ensure once user logs app should able call authenticated api of app b without need logging in app b again.

i went through cloud based sso solutions provided pingidentity, stormpath , few other vendors , looks sso across multiple applications require either applications should trust same identity provider or apps should understand saml/open id. also, require me change way app b handles authentication (but can not make changes app b.

i have thought of simple solution scenario (which in way sso approach http://www.opengroup.org/security/sso/sso_intro.htm)

once user logs in app a, server make background login call app b (using pre-configured default credentials app b). in response login, app b issue session cookie passed in subsequent api calls app b. approach has drawbacks of using default credentials app b it's simple , work.

however, before going path, wanted know if scenario can handled in different way using standard sso solutions ?

traditionally, there "glue" binds sso applications together. there needs inherent trust between 2 applications. commonly done protocols (saml / open idc) or shared secrets (for validating signatures).

in scenario describing, have no control or access how app b authenticates, need authenticate "in background" app b , hold on session cookie subsequent requests.

however, inherently insecure. it's creating anonymous login app b using users of app a. far app b concerned, same user logging in.

if had ability create account in app b such each account in app had analogous account in app b logged in to, more secure.

hope helps!

full disclosure: work stormpath.


Comments

Post a Comment

Popular posts from this blog

php - Wordpress website dashboard page or post editor content is not showing but front end data is showing properly -

Image
recently have uploaded wordpress site onto server. have uploaded wordpress site in sub-folder under root folder ../root(domain root folder)/wordpress (where host wordpress folder). now problem content data in page or post in dashboard of wordpress admin panel not showing - see image. but data showing in front view - see image. if not browser cache issue , not issue happened tinymce editor during upgrade; try add config file: define('concatenate_scripts', false);
Read more

javascript - Get parameter of GET request -

i make request: createxhrrequest( "get", fileurl, function( err, response ) { if( err ) { alert( "error get!" ); } alert(response); }); and full response: { "status" : "ok", "message" : "jvberi0xljqkjdduxdgkmy how can jvberi0xlj ? i try response.message , response["message"]. nothing works. just simple access this: var json = json.parse(response); json.message
Read more

javascript - Twitter Bootstrap - how to add some more margin between tooltip popup and element -

Image
i have not tryed since can't understand space between tooltip , element made/added bootstrap, tooltip near element triggers tooltip event. i make tooltip opening little bit away element, add more margin tooltip , eleemnt mean. i understand how in css if possible , if possible make both right,left,top,bottom tooltips hope question clear. this how tooltips looks on app: and , how should looks after this default css tooltip on top : .tooltip.top { padding: 5px 0; margin-top: -3px; } you can override in own css : .tooltip.top { margin-top: -10px; } note code work work tooltip on top, you'll nedd adapt css 3 other orientations : .tooltip.top { margin-top: -10px; } .tooltip.right { margin-left: 10px; } .tooltip.bottom { margin-top: 10px; } .tooltip.left { margin-left: -10px; }
Read more