We (I was then working with ilscipio) did something like that for a client, and
I agree it's the way to go.
I mean that I agree with "We are not going to implement the Token Based Authentication process at low level. Behind the scenes, we will be using the
current work flow as is"
Disclaimer: I did not look into all details. Also we planned to use OpenId but eventually the Token Based Authentication we used was specific and
proprietary to the client (this remembered me http://markmail.org/message/7vtjvjomneimspvl)
Jacques
Le 18/06/2016 à 15:01, Rahul Bhooteshwar a écrit :
Hello All,
Recently felt the need of Token Based Authentication process in Apache
OfBiz while using OfBiz's business process offerings with standalone
clients like Mobile Apps, Angular JS based apps running outside Apache
OfBiz etc.
What currently we are having in OfBiz is session based authentication
process which is *stateful*. But while dealing with the independently
running remote clients stateful authentication is not gonna work as we will
not be using *server-browser session* anymore in those cases.
Following are the initial draft & supporting documents to proceed further:
- Token Based Authentication in Apache OfBiz
<https://docs.google.com/document/d/1xbpjNWGZp8B_79YJmPxmSJqkx7Qo_EI7u_PE0WNt3B4/edit#heading=h.g14rrmsoijiv>
- Token Based Authentication
<https://docs.google.com/document/d/15QBV87vMD42QppCaHpxgcefcg_ac7HFeSQQnF_S50nk/edit#heading=h.mdriqalojfy4>
- JSON Web Tokens
<https://docs.google.com/document/d/1wLfv8h_Kkd4iHBxW4Gkx987Q7KBocWAGvss2p4N4fIM/edit>
- IETF's (Internet Engineering Task Force) Documentation for JSON Web
Tokens
<https://drive.google.com/file/d/0BzXOhs4-o0n9cHVGckgwUndsUGc/view?pref=2&pli=1>
I would like to propose a requirement to implement this in OfBiz, & invite
you all to provide valuable inputs to conclude the requirements &
implementation plans.
Thanks and Regards
*Rahul Bhooteshwar*
Enterprise Software Engineer
HotWax Systems <http://www.hotwaxsystems.com/> - *Global leader in
innovative enterprise commerce solutions **powered by Apache OFBiz.*
