Delegate Auth to JTS regular JEE App


Jorge Diaz (8664234) | asked Apr 25 '11, 3:09 a.m.
JAZZ DEVELOPER
Hello,

For a customer deployment in which we are integrating RTC as part of a solution with a couple more JEE applications, the customer wants to build a front web page to manage navigation between all "pieces" of the solution.

We would like to delegate the user authorization between all the applications to the Jazz Team Server after reading:

https://jazz.net/wiki/bin/view/Main/AppSdkDelegatingAuth

Could we use this mechanism even though these applications are non-Jazz-based ones? Are there any concerns we should think of in advance for this auth integration?

Thanks in advance for your help.

Regards,

Jorge.

2 answers



John Vasta (2.6k15) | answered Apr 27 '11, 7:37 a.m.
FORUM MODERATOR / JAZZ DEVELOPER
As long as your applications are acting as "fronting applications" (i.e. they invoke Jazz Foundation REST services), and the interface to your applications is a web browser, then I think the authentication delegation mechanism described in the wiki should work for you.

Jorge Diaz (8664234) | answered Apr 27 '11, 10:44 a.m.
JAZZ DEVELOPER
Hello John,

Are the Jazz Foundation services you refer to the ones described for the OAuth dance? Then yes. Beyond that, the only REST services the customer would like to call are the ones that are part of OSLC, for standardization purposes, while also using this delegation mechanism to protect access to any other resource of these fronting applications (whether or not it ends up performing some action via OSLC). Trying to summarize:

When a user (via browser) tries to hit any protected URL of these applications, the idea is to have them perform the "OAuth dance", calling the Jazz Foundation services just for this OAuth token generation. Beyond that, any info interchange with RTC is to be done via the REST services that are part of OSLC.

This way, the only interaction with JFS is to perform this auth (I mean in case the services spec changes in the future).

Do you see any mistakes? Did I misunderstand anything? :)

Thanks for your help!

Regards,

Jorge.
