Jazz Forum Welcome to the Jazz Community Forum Connect and collaborate with IBM Engineering experts and users

Delegate Auth to JTS regular JEE App

Hello,

For a customer deployment in which we are integrating RTC as part of a solution with a couple more JEE applications, the customer wants to build a front web page to manage navigation between all "pieces" of the solution.

We would like to delegate the user authorization between all the applications to the Jazz Team Server after reading:

https://jazz.net/wiki/bin/view/Main/AppSdkDelegatingAuth

Could we use such a mechanism even though these applications are non-Jazz-based ones? Are there any concerns we should think of in advance for this auth integration?

Thanks in advance for your help.

Regards,

Jorge.

0 votes



2 answers

As long as your applications are acting as "fronting applications" (i.e. they invoke Jazz Foundation REST services), and the interface to your applications is a web browser, then I think the authentication delegation mechanism described in the wiki should work for you.

0 votes


Hello John,

Are the Jazz Foundation services you refer to the ones described for the OAuth dance? Then yes. Beyond that, the only REST services the customer would like to call are the ones that are part of OSLC, for standardization purposes, but also to protect, with this delegation mechanism, access to any other resource of these fronting applications (whether or not it ends up performing some action via OSLC). Trying to summarize:

When the user (via browser) tries to hit any protected URL of these applications, the idea is to have them do the "OAuth dance", calling the Jazz Foundation services just for this OAuth token generation. Beyond that, any information interchange with RTC is to be done via the REST services that are part of OSLC.

This way, the only interaction with JFS is to perform this auth (I mean in case the services spec changes in the future).

Do you see any mistakes? Did I misunderstand anything? :)

Thanks for your help!

Regards,

Jorge.

0 votes

Question details

Question asked: Apr 25 '11, 3:09 a.m.

Question was seen: 5,315 times

Last updated: Apr 25 '11, 3:09 a.m.
