Cross-domain authentication to access Jazz REST APIs
Hi,
We have a web UI application on Tomcat which wants to access Jazz REST APIs in a different domain. We want to delegate our authentication to Jazz if possible, so that we can be a lightweight visualization application.
I know about the same-origin policy. We may have some possible ways to do this, but none of them is perfect. Could you have a look at them, or do you have any best practice? Please feel free to give suggestions from your perspective. I'd really appreciate it. Thanks.
Solution 1:
Use an iframe to show the authentication window and keep the state and cookies for the interaction, like the dashboard UI on Jazz Foundation Server.
ISSUES: not sure we can do that technically.
Solution 2:
We do our own authentication, send the username/password to a servlet, and are programmatically authorized as a TestCase application with an HTTP request.
ISSUES: it's not safe to store a plaintext username/password on our side, and we want to be lightweight.
Solution 3:
I found an old workitem in release 1.0.
https://jazz.net/jazz/web/projects/Jazz%20Foundation#action=com.ibm.team.workitem.viewWorkItem&id=60153
Is there already a Proxy REST API in Jazz Foundation?
Solution 4:
LDAP
ISSUE: It's really heavy.