svn commit: r1841478 - /ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc

Thu, 20 Sep 2018 07:59:43 -0700 

Author: jleroux
Date: Thu Sep 20 14:59:18 2018
New Revision: 1841478

URL: http://svn.apache.org/viewvc?rev=1841478&view=rev
Log:
Documented: Document the automated authentification from a domain to another
(OFBIZ-10562)

Commits WIP before changing the file name (cross fits more than inter)

Modified:
    
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc

Modified: 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc
URL: 
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc?rev=1841478&r1=1841477&r2=1841478&view=diff
==============================================================================
--- 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc
 (original)
+++ 
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc
 Thu Sep 20 14:59:18 2018
@@ -16,6 +16,23 @@ KIND, either express or implied.  See th
 specific language governing permissions and limitations
 under the License.
 ////
-= Authenticated inter-domains navigation
+= Authenticated cross-domains navigation
 
-This feature allows to navigate from a domain to another with automated signed 
in authentication.
\ No newline at end of file
+In some cases you need to split applications on different servers, and 
possibly in production on different domains.This can happen for different 
reasons, most often for performance reason.
+
+As it's annoying to give a credential when changing from an OFBiz application 
to another on the same server,  it's annoying to give a credential when 
changing from an OFBiz application to another on another domain.
+
+To handle automated sign in from an application to another we have currently 2 
possibilities in OFBiz
+* externalLoginKey
+* Tomcat SSO (not used OOTB)
+
+This feature allows to navigate from a domain to another with automated signed 
in authentication.
+
+It based on 3 technologies: 
+
+. https://jwt.io/[JWT Official site] - 
+https://en.wikipedia.org/wiki/JSON_Web_Token[Wikipedia for JWT]
+. https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS[CORS (Mozilla doc)] - 
https://en.wikipedia.org/wiki/Cross-origin_resource_sharing[Wikipedia for CORS]
+. Ajax, now well known I guess, in OFBiz we use jQuery for that.
+
+The mechanism is simple. The user is given a JavaScrip link

Reply via email to