oauth - Which SSO tool fits this scenario best? -


clientsitea.com, clientsiteb.com, ....

(client domains unknown us)

ourserver.com (contains user credentials)

we need users able login on ourserver.com (using javascript) on client site. login form must reside on client sites. envisioning ajax call sent ourserver.com containing username (from client site). if username logged in, let them stuff, if not show them login form. login form send username/password server , log them in.

is possible? i've been reading saml, i'm seeing having login form on client sites problem. i've been reading oauth. i'm pretty lost. can give me guidance.

i don't think easier have same ui repeated on multiple sites, makes maintenance more difficult.

on other hand, if there explicit link users login or automatically redirected when accessing restricted sites there no need awkward requirement. awkward - because makes tricky use existing sso protocols.

answering question - oauth2 lets exchange username/passwords access tokens. called resource owner password credential flow.

trying convince not idea - not oauth2 providers support flow, remember google doesn't. instead, support flows redirect client login page can perform client application not aware of like:

  • multifactor authentication
  • additional confirmation pages explicit resource access approval

these additional steps of authentication not possible in simple username/password flow.


Comments

Post a Comment

Popular posts from this blog

java.util.scanner - How to read and add only numbers to array from a text file -

i'm learning java , have question regarding reading file want read numbers file contains strings well. here example of file: 66.56 "3 java 3-43 5-42 2.1 1 and here coding: public class test { public static void main (string [] args){ if (0 < args.length) { file x = new file(args[0]); try{ scanner in = new scanner( new fileinputstream(x)); arraylist<double> test = new arraylist<>(); while(in.hasnext()){ if(in.hasnextdouble()){ double f=in.nextdouble(); test.add(f);} else {in.next();} } catch(ioexception e) { system.err.println("exception during reading: " + e); } } my problem add 66.56,2.1 , 1 doesn't add 3 after "3 or ignores 3-43 , 5-42 can tell me how skip strings , add doubles here? thanks all said 3 ie; "3, 3-43 , 4-42 strings either u read string , split , check number @ " , - or put in space between characters , integers. jvm after compilation tre...
Read more

rewrite - Trouble with Wordpress multiple custom querystrings -

i'm working on adding multiple querystring , doesn't seem work. i've found codes seems work others might i'm missing something. i want like: http://mydomain.com/board/?getyear=2013&getsometext2=sometext to http://mydomain.com/board/2013/sometext/ i added code below functions.php file. doesn't seem work should though. this works. echoing querystring gets both variable without problem. http://mydomain.com/board/2013/sometext/ but doesn't. tested querystring vis isset() seems nothing being set/get http://mydomain.com/board/2013/ function add_query_vars($vars) { $vars[] = "getyear"; $vars[] = "getsometext2"; return $vars; } add_filter('query_vars', 'add_query_vars'); function add_rewrite_rules($arules) { $anewrules = array('board/([^/]+)/([^/]+)/?$' => 'index.php?pagename=board&getyear=$matches[1]&getsometext2=$matches[2]'); $arules = $a...
Read more