HeaderBasedAuthenticationTag
(Created page with "If you put your OnPrem Turnkey installation under a generic catch all authentication umbrella you may want to make use of that externally provided identity in your turnkey app...")
 
No edit summary
Line 16: Line 16:


(ReferenceIsResolved is a new property you must add to SysUser in your model)
(ReferenceIsResolved is a new property you must add to SysUser in your model)
(This scenario is used by Finansinspektionen - BankId - Shibboleth)

Revision as of 11:23, 10 September 2018

If you put your OnPrem Turnkey installation under a generic catch all authentication umbrella you may want to make use of that externally provided identity in your turnkey application.

The normal scenario is that the authentication umbrella that makes sure your user is identified before ever reaching your application - adds a header to each call you get.

To make use of such a header you can now configure your installation like this:

In TurnkeySettings.xml you add this:

<HeaderBasedAuthenticationTag>The Header you want to catch</HeaderBasedAuthenticationTag>

The value of that header will then be used as the User-identity (email) for SysUser in your model.

If the value is only a reference and the user info must be looked up elsewhere you can do so by creating a serverside job that does something like this:

Act on all : SysUser.allinstances->select(not ReferenceIsResolved)

For each : Resolve the reference (maybe by calling external web-service with RESTGet) and set ReferenceIsResolved:=true

(ReferenceIsResolved is a new property you must add to SysUser in your model)

(This scenario is used by Finansinspektionen - BankId - Shibboleth)

This page was edited 96 days ago on 02/10/2024. What links here