Uploaded image for project: 'Single Sign On'
  1. Single Sign On
  2. MGNLSSO-35

Allow Magnolia to be used as pac4j middle-man in PUR scenarios

    XMLWordPrintable

Details

    • Task
    • Resolution: Won't Fix
    • Neutral
    • None
    • None
    • None
    • None

    Description

      Although pac4j's APIs helped a lot in order to lower the code complexity of logging a user into Admincentral using Keycloak as an identity provider, the module still could do more.

      One common scenario is a user logging into an area of a public website through Facebook, Twitter, GitHub, etc. SSO authentication.

      A back-end server is needed in those cases because without it, the front-end application would need to store the application ID and secret in the front-end code directly, which is unsafe, as it can be read easily.

      Luckily, Magnolia and pac4j can chime in. pac4j ships a ton of pre-configured clients: http://www.pac4j.org/docs/clients/oauth.html

      What we would need to do would be to provide configurable endpoints, such as the following simple project does: https://github.com/jooby-project/pac4j-starter

      This has little to do with the current use case the module is solving. Magnolia components such as the login and logout filters, the UserManager, the ExternalUser, etc. can be left out from such a scenario.

      I therefore suggest to split the module into two or three distinct submodules:

      • one for Admincentral login with Keycloak for our cloud
      • one for easy front-end integrations for customers
      • one for common components

      Checklists

        Acceptance criteria

        Attachments

          Issue Links

            Activity

              People

                Unassigned Unassigned
                mmichel Maxime Michel
                Votes:
                0 Vote for this issue
                Watchers:
                3 Start watching this issue

                Dates

                  Created:
                  Updated:
                  Resolved:

                  Checklists

                    Task DoR