Author: jleroux
Date: Thu Sep 20 15:00:23 2018
New Revision: 1841479
URL: http://svn.apache.org/viewvc?rev=1841479&view=rev
Log:
Documented: Document the automated authentification from a domain to another
(OFBIZ-10562)
Renames the file using "cross" instead of "inter"
Added:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
(with props)
Removed:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-inter-domains-auto-auth-navigation.adoc
Added:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
URL:
http://svn.apache.org/viewvc/ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc?rev=1841479&view=auto
==============================================================================
---
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
(added)
+++
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
Thu Sep 20 15:00:23 2018
@@ -0,0 +1,38 @@
+////
+Licensed to the Apache Software Foundation (ASF) under one
+or more contributor license agreements. See the NOTICE file
+distributed with this work for additional information
+regarding copyright ownership. The ASF licenses this file
+to you under the Apache License, Version 2.0 (the
+"License"); you may not use this file except in compliance
+with the License. You may obtain a copy of the License at
+
+http://www.apache.org/licenses/LICENSE-2.0
+
+Unless required by applicable law or agreed to in writing,
+software distributed under the License is distributed on an
+"AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+KIND, either express or implied. See the License for the
+specific language governing permissions and limitations
+under the License.
+////
+= Authenticated cross-domains navigation
+
+In some cases you need to split applications on different servers, and
possibly in production on different domains.This can happen for different
reasons, most often for performance reason.
+
+As it's annoying to give a credential when changing from an OFBiz application
to another on the same server, it's annoying to give a credential when
changing from an OFBiz application to another on another domain.
+
+To handle automated sign in from an application to another we have currently 2
possibilities in OFBiz
+* externalLoginKey
+* Tomcat SSO (not used OOTB)
+
+This feature allows to navigate from a domain to another with automated signed
in authentication.
+
+It based on 3 technologies:
+
+. https://jwt.io/[JWT Official site] -
+https://en.wikipedia.org/wiki/JSON_Web_Token[Wikipedia for JWT]
+. https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS[CORS (Mozilla doc)] -
https://en.wikipedia.org/wiki/Cross-origin_resource_sharing[Wikipedia for CORS]
+. Ajax, now well known I guess, in OFBiz we use jQuery for that.
+
+The mechanism is simple. The user is given a JavaScrip link
Propchange:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
------------------------------------------------------------------------------
svn:eol-style = native
Propchange:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
------------------------------------------------------------------------------
svn:keywords = Date Rev Author URL Id
Propchange:
ofbiz/ofbiz-framework/trunk/framework/webapp/src/docs/asciidoc/_include/wa-cross-domains-auto-auth-navigation.adoc
------------------------------------------------------------------------------
svn:mime-type = text/plain
