1
0
-1
1 answer
- 10-1
Your use case does sound complex, particularly with the desktop application integration. While I can't say for certain if it's feasible exactly as described, I do know that you'll need to develop a custom authentication plugin in Joget to handle this scenario.
Below links should be a good starting point for building custom authentication plugins in Joget:
https://github.com/jogetoss/sample-api-authentication
https://github.com/jogetoss/sp-saml-directory-manager
https://github.com/jogetoss/wflow-saml- Nik
Thank you for your answer and interesting links. I will study them. For the moment we will use OpenID plugin.
Add your comment...
There is a requirement for Single Sign On but not using the predefined cases that Joget documention refers. We need to use an external desktop application as login point to login also in Joget (or vice versa). So when the Joget is opened in the browser the user should already be logged in (after the logged in in the desktop app). Since maintaining the identification of a user in a web application is done through cookies (since the http protocol is stateless) I assume that such a cookie should be injected into the web browser after the identification with the desktop application. But I don't know if this can be done and in what way. It looks quite complicated. I also don't know if there are security issues that would not allow something like this to be done in a browser from an external application. Maybe the vice versa is more clear. Logged in with Joget and when the desktop app is opened then user is already authenticated and logged in. For example it would be the use of a custom url protocol that can open the desktop application from the browser and pass and it the credentials it needs. The desktop application we use has API that we could use it for that.
Also because the two applications have their own users of course some type of link should be predefined between them with some way.