Build.One Documentation
Page tree

Versions Compared

Old Version 11

changes.mady.by.user Cosmin Ichim

Saved on

compared with

New Version 12

changes.mady.by.user Cosmin Ichim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Front-end - Back-end interaction:

 

Logic-flow:

  1. The client sends POST request with AD credentials to the "/web/Login/Login.html" access-point on the PASOE (swat-backend).
  2. PASOE forwards AD credentials to NodeJS (node-main).
  3. NodeJS handles AD authentication, using passport with passport-ldapauth strategy. Then responds with ssoSessionId & ssoUserId, if authentication successful.
  4. PASOES passes back to Client the ssoSessionId & ssoUserId.
  5. Client logins into PASOE with ssoUserId & ssoSessionId.
  6. PASOE handles login using HybridRealm with ISwatAuthenticationService by checking if the ssoSessionId & ssoUserId is valid in nodeJs.
  7. Client is authenticated.

...

 

Note: node-main is hidden behind PASOE server from the client's perspective.

 

In order to use ActiveDirectory authentication, the following configuration settings must be present in pasoe-config.xml / OEPAS_config.xml:

...

Code Block
languagexml
titlepasoe-config.xml / OEPAS_config.xml
	<AllowedAuthentication>ActiveDirectory</AllowedAuthentication>
	<ssoAuthenticationURI>http://localhost:8888/auth/ad/login</ssoAuthenticationURI>
	<ssoAuthenticationCheckURI>http://localhost:8888/auth/ad/sessions</ssoAuthenticationCheckURI>
	<ssoAuthenticationSecretKey>12345678901</ssoAuthenticationSecretKey><!-- OPTIONAL -->

 

Note: node-main is hidden behind PASOE server from the client's perspective.

AzureActiveDirectory

TBD by Sergiu MorarSebastian Lucaciu

...