diff options
author | Manoop Talasila <talasila@research.att.com> | 2018-03-16 17:47:36 +0000 |
---|---|---|
committer | Gerrit Code Review <gerrit@onap.org> | 2018-03-16 17:47:36 +0000 |
commit | dd5350525356a73410e0619b2e25722dd932f893 (patch) | |
tree | 45aec33ca41cd9e893db1f188bb0195bc52ae78c | |
parent | a97a49e6b51703cf4b3c93d69fc502a48c8155be (diff) | |
parent | eefb74923538eeff9cca1a9acc0db425f951dfd4 (diff) |
Merge "Single Signon"test_brancha983289777e000e13cf4da94f4b51f29ec56f3b6
-rw-r--r-- | docs/tutorials/portal-sdk/index.rst | 1 | ||||
-rw-r--r-- | docs/tutorials/portal-sdk/single-signon.rst | 48 |
2 files changed, 49 insertions, 0 deletions
diff --git a/docs/tutorials/portal-sdk/index.rst b/docs/tutorials/portal-sdk/index.rst index 023fc622..4d20ffd3 100644 --- a/docs/tutorials/portal-sdk/index.rst +++ b/docs/tutorials/portal-sdk/index.rst @@ -19,5 +19,6 @@ Building ONAP Portal SDK Web Applications pulling-db-data google-charts dynamic-content + single-signon wrapping-up diff --git a/docs/tutorials/portal-sdk/single-signon.rst b/docs/tutorials/portal-sdk/single-signon.rst new file mode 100644 index 00000000..fb490a77 --- /dev/null +++ b/docs/tutorials/portal-sdk/single-signon.rst @@ -0,0 +1,48 @@ +Enabling Single-Signon +====================== + +This tutorial explains the Single-Signon of ONAP Portal, and how to enable it in our sample application. + +When a user logs in using the ONAP Portal Login, a cookie is created to record the logged-in session, +and it includes the username and other parameters. + +In our tutorial app so far we used "http://app-host:port/epsdk-app-os/login.htm" to login into the application. + +This is called the external login, which is used a backdoor for developers to test the applications +in a local environment, without having the entire Portal. + +Now, when the application is ready and onboarded on to the Portal, we can now use +"http://app_host:port/epsdk-app-os/welcome.htm" as the application onboarding URL in ONAP Portal. + +Onboarding steps can be found here +https://wiki.onap.org/display/DW/Application+Onboarding#ApplicationOnboarding-addapp. + +The welcome.htm page code will try to read the session cookie from the browser to detect if there is +a user that's already logged-in into the ONAP Portal. + +If a cookie is found, then this means a user is already logged-in to the ONAP Portal and +the application welcome.htm page will display showing the application frontend in a tab inside ONAP Portal. + +However, if a cookie is not found, the code will look for the redirect URL listed in the +WEB-INFO/classes/portal.properties file. + +Assuming the ecomp_redirect_url = http://portal.api.simpledemo.onap.org:8989/ONAPPORTAL/login.htm +for Amsterdam release, then, the user will be redirected to the ONAP Portal login page to log in. + +If the user login succeeds, the Portal login page will redirect the user back to the Application +welcome page. + +This should enable the application to use the Portal’s Single Signon. + +Note that the ONAP Portal and its on-boarded application must be on the same domain +(e.g. *.simpledemo.onap.org) to take advantage of the Single Signon. + +Otherwise, if the application is hosted in a different domain, its code will not be able to read ONAP +Portal session cookies. + +Due to security reasons the ONAP Portal restricts to one domain (defined in the properties) across +the applications on-boarded to it. + +However, if the application is not interested in single signon feature, then the new application can +be always be on-boarded as a “Hyperlink only application” which will be opened into a new browser +rather than the internal Portal’s tab. |