Joint session between the Play platform and Django

How do I create a single sign-on that will allow me to move from one part of my site to another? One part of my site uses the Play framework and the other uses Django. My SSO know-how is very limited, so please be nice to me :)

+4
3 answers

As stated by mandubian, the best option is to have a central service that provides authentication tokens that all applications recognize and use to authenticate the user. An example of such a service is CAS. If, as you say, you do not have experience in SSO, I would read about it to understand how this should work.

Just a warning: authentication and authorization are an important part of an application, even more so of a web application. I would advise you not to implement your own solution; you would probably end up with a hack with problems (if applications are not on the intranet, risks exist, but are usually simpler). Try using an existing solution, such as CAS or JOSSO.

+3

A very simple solution would be to use a cookie in your domain that can be read by both Play! and Django. The cookie may contain a temporary token that both applications can check, for example against a shared database, if the user has not logged in to this application yet.

+1

If you use the standard single sign-on mechanism, it must be controlled by the mechanism itself ...
The web server (Django or Play) should redirect the user to the authentication page on the SSO server. The SSO server generates a token and sends it back to the client (for example, in a cookie) and redirects the client to a web server (Django or Play), which itself can verify authentication on the SSO server using this token. This token is then used between the client and the web servers until the end of the authentication session.
So, as Arjan explained, you should share this token in a cookie, and both web servers (Django and Play) should be able to manage it.

+1
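The shared-cookie token check described in the answers above, as an added example that is not part of the original answers: a login step issues an opaque random token, stores only its hash with an expiry in a store both applications can reach, and either application maps the cookie value back to a user. The table name `sso_session`, the cookie name `sso_token`, the domain `example.test` and the 30-minute lifetime are assumptions; the in-memory SQLite database stands in for the shared database.

```python
import hashlib
import secrets
import sqlite3
import time
from http.cookies import SimpleCookie

TTL_SECONDS = 1800  # assumed session lifetime

def open_store():
    # Stands in for the database that both applications can reach.
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE sso_session (token_hash TEXT PRIMARY KEY,"
               " username TEXT NOT NULL, expires_at REAL NOT NULL)")
    return db

def _digest(token):
    # Only the hash is stored, so a leaked table does not yield usable tokens.
    return hashlib.sha256(token.encode()).hexdigest()

def issue_token(db, username, now=None):
    """Login side: create an unguessable token and record it with an expiry."""
    now = time.time() if now is None else now
    token = secrets.token_urlsafe(32)
    db.execute("INSERT INTO sso_session VALUES (?, ?, ?)",
               (_digest(token), username, now + TTL_SECONDS))
    db.commit()
    return token

def build_cookie(token, domain="example.test"):
    """Set-Cookie value scoped to the parent domain both applications share."""
    jar = SimpleCookie()
    jar["sso_token"] = token
    jar["sso_token"].update({"domain": domain, "path": "/", "secure": True,
                             "httponly": True, "samesite": "Lax",
                             "max-age": TTL_SECONDS})
    return jar["sso_token"].OutputString()

def verify_token(db, token, now=None):
    """Either application: return the username for a live token, else None."""
    now = time.time() if now is None else now
    if not token:
        return None
    row = db.execute("SELECT username, expires_at FROM sso_session"
                     " WHERE token_hash = ?", (_digest(token),)).fetchone()
    return row[0] if row and row[1] > now else None

def revoke_token(db, token):
    # Logout in one application ends the session for both.
    db.execute("DELETE FROM sso_session WHERE token_hash = ?", (_digest(token),))
    db.commit()
```

The Play side would run the same lookup against the same table; only the hashing and the query need to match.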

Source: https://habr.com/ru/post/1343440/

