This is my position:
-
Data webpap: This is a third party Is a webpad that shows users that some relevant data restricted from roles have been developed using this spring but it uses TomCase Digest for security and plays a role from users and JDI resources. However, I have a source code and I can implement Spring Protection on it.
-
User & amp; Roll Manager webpap: It is mine and manages a DB that has users, roles and so on. It has been developed in Spring (MVC, Safety and so on). DB has been exposed as a JDI resource in Tomcat and other applications take necessary data from that resource. I created this app because I want to be possibly less aggressive in # 1.
-
The rest of the service webpap: It is mine and I use token audio in this one, the user sends the user / password and the credentials verify that data is received from the JDI resource. is. It gives a valid token.
In # 2, I have two types of authentication via Spring Form (user / password and opid)
First I have the # 2 app I have come up with a CAS server because I use it only to add, edit, set roles, delete groups ... but I do not know what the real implementation means.
The second one is to deploy a real cas server, but I do not know that it is too much for two or three apps. I have read some posts about CAS, SAML, OUTH2 ... but I have a little bit of a mix ..
Can you help me decide which option is most suitable is? I want to share the same login page, to be able to log in comfortably and every time I switch between apps, I should not see the login page.
Thanks
Comments
Post a Comment