Difference between revisions of "WISE-PaaS/Single Sign-On(SSO)"
Dylan.chang (talk | contribs) |
Dylan.chang (talk | contribs) |
||
Line 42: | Line 42: | ||
Open the [https://openidserver.redirectme.net:8443/auth/admin/ https://openidserver.redirectme.net:8443/auth/admin/] and login with applied administrator account to config your realm before implement your client app. | Open the [https://openidserver.redirectme.net:8443/auth/admin/ https://openidserver.redirectme.net:8443/auth/admin/] and login with applied administrator account to config your realm before implement your client app. | ||
− | (Essential) Public key : | + | *(Essential) Public key : OpenID server generate a unique key for client app identification. Copy the public key to json setting file include in the client app . |
− | + | *(Essential) Valid Redirect URIs & Web Origins : Provide valid uri pattern for your client app. OpenID server would redirect to your client page while a successful login or logout. Your client page must be publicly accessible. | |
− | (Essential) Valid Redirect URIs & Web Origins : | + | *(Optional) User registration : |
− | |||
− | (Optional) User registration : | ||
=== Implement client codes === | === Implement client codes === |
Revision as of 04:52, 10 January 2017
WISE-PaaS/OpenID is part of Advantech WISE-PaaS cloud solution and plays an important role in the interoperability of Internet identity. It provides a central login mechanism.
WISE-PaaS/OpenID Connect utilizes Keycloak which is an open source identity and access management for modern applications and services.
Contents
Features Overview
Single-Sign On : Login once to multiple applications
Standard Protocols : OpenID Connect, OAuth 2.0 and SAML 2.0
Centralized Management : For admins and users
Adapters : Secure applications and services easily
High Performance : Lightweight, fast and scalable
Clustering : For scalability and availability
Themes : Customize look and feel
Extensible : Customize through code
Password Policies : Customize password policies
Implementation
Apply a manager account for OpenID Central Server
Please sen a request to WISE-Paas/OpenID Connect service manager by E-mail. And provide the following information
- Service name : [RMM] as your realm.
- Client name : [RMMClient] a client definition for a app to login in.
- User registration : [True/False] Enable/Disable user registeration.
- Administrator account : [RMMAdmin] Use this account to manage this realm. The default password is same as account name. Change password after first login.
Setting your service on OpenID server
Open the https://openidserver.redirectme.net:8443/auth/admin/ and login with applied administrator account to config your realm before implement your client app.
- (Essential) Public key : OpenID server generate a unique key for client app identification. Copy the public key to json setting file include in the client app .
- (Essential) Valid Redirect URIs & Web Origins : Provide valid uri pattern for your client app. OpenID server would redirect to your client page while a successful login or logout. Your client page must be publicly accessible.
- (Optional) User registration :
Implement client codes
....
Sample code
......