Single Sign On with OAuth and OpenID

Transcript

Jérôme Gasperi Single Sign On with OAuth and OpenID WGISS-36

ESA/ESRIN - Frascati, Italy - September 19th, 2013

OpenID is an open standard for authentication. Model is based

on conﬁdence links between Service Providers and Authentication Providers (i.e. OpenID providers) to achieve Single Sign On authentication

OAuth is an open standard for authorization. It provides a

method for clients to access server resources on behalf of a resource owner

OAuth is an open standard for authorization. It provides a

method for clients to access server resources on behalf of a resource owner etc...

Experiment Filter access to Kalideos (i.e. SPOT) data through a

secured WMS server using OpenID Connect (i.e. OpenID over OAuth)

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

authentication 2. Redirect to Identity Server 5. Send OAuth token 6. Get user information using OAuth token 10. Return user information 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 7. Return user information 4. Return OAuth token 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed 11. Ask for user rights 12. Get user rights 13. Create user session

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

authentication 2. Redirect to Identity Server 5. Send OAuth token 6. Get user information using OAuth token 10. Return user information 9. Send OAuth token for validation and get user information 7. Return user information 4. Return OAuth token 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed 11. Ask for user rights 12. Get user rights 13. Create user session 3. Authentication with OAuth (OpenID Connect)

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

OpenID Connect planned to be used in Theia (i.e. French

Land Surface Thematic Center)

None

Single Sign On with OAuth and OpenID

Single Sign On with OAuth and OpenID

Jérôme Gasperi

More Decks by Jérôme Gasperi

Other Decks in Technology

Featured

Transcript

Jérôme Gasperi Single Sign On with OAuth and OpenID WGISS-36

OpenID is an open standard for authentication. Model is based

OAuth is an open standard for authorization. It provides a

OAuth is an open standard for authorization. It provides a

Experiment Filter access to Kalideos (i.e. SPOT) data through a

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

Kalideos Server Identity Server LDAP WMS Server 1. Ask for

OpenID Connect planned to be used in Theia (i.e. French