Build.One Documentation
Page tree

Versions Compared

Old Version 15

changes.mady.by.user Cosmin Ichim

Saved on

compared with

New Version 16

changes.mady.by.user Cosmin Ichim

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Overall authentication architecture

PASOE

 

NodeJS

Available authentication methods

...

  1. The client sends POST request with AD credentials to the "/web/Login/Login.html" access-point on the PASOE (swat-backend).
  2. PASOE forwards AD credentials to the "/auth/ad/login" on the NodeJS (node-main).
  3. NodeJS handles AD authentication, using passport with passport-ldapauth strategy. Then responds with ssoSessionId & ssoUserId.
  4. PASOES passes back to Client the ssoSessionId & ssoUserId.
  5. Client logins into PASOE, with ssoUserId & ssoSessionId, through HybridRealm.
  6. PASOE HybridRealm handles login using ISwatAuthenticationService, which sends POST request to "/auth/ad/sessions", with ssoSessionId & ssoUserId, on the NodeJS.
  7. NodeJs responds back to PASOE with the session's validity.
  8. PASOE finalizes authentication process.
  9. Client is authenticated.

...

Code Block
languagexml
titlepasoe-config.xml / OEPAS_config.xml
	<AllowedAuthentication>ActiveDirectory</AllowedAuthentication>
	<ssoAuthenticationURI>http://localhost:8888/auth/ad/login</ssoAuthenticationURI>
	<ssoAuthenticationCheckURI>http://localhost:8888/auth/ad/sessions</ssoAuthenticationCheckURI>
	<ssoAuthenticationSecretKey>12345678901</ssoAuthenticationSecretKey><!-- OPTIONAL -->

...