User settings service #2
Comments
|
We'd better have a central user authn service and SSO (OpenID Connect), because we need user authN also for the Admin Tool and AAR... at least (and any other web frontend that allows users/admins to modify the testbed state or view sensitive data). I can setup a Keycloak web authentication/SSO server as part of the testbed, or on some public TNO VM, for the central auth service. Or maybe you already have one at TNO? This is free and open source product so you can have it locally for your own tests as well. Then make sure your webapp works properly behind a reverse proxy like Apache/Traefik (see issue on SSL reverse proxy support). Then the SSO authentication is done in the reverse proxy and your webapp gets all needed auth info via HTTP headers, also called pre-authentication mode in some web frameworks. If this doesn't work (worst case scenario), you may have to support OpenID Connect in your webapp natively. For the record, similar issue here: |
Use OAuth and Passport js to create a user authN service.
The text was updated successfully, but these errors were encountered: