Is it possible to have the web server handle the authenticaion for a o4w application. I would like to pick up and use my windows username and pass it to o4w in the same way as SSO would for an OI application.

Thanks,

Pascal Landry

Is it possible to have the web server handle the authenticaion for a o4w application. I would like to pick up and use my windows username and pass it to o4w in the same way as SSO would for an OI application.

Thanks,

Pascal Landry

Hi, Pascal. If I understand your intent correctly, you'd like the ability to run O4W without requiring the user to key in their credentials in the web browser; instead, the user's credentials (username and password, effectively) should be taken from their Windows environment. Is this correct?

There appears to be a standard called SAML (Security Assertion Markup Language) that can be used for validating users without requiring them to explicitly key in their credentials. You can look at this google page to see how Google has implemented SAML for Single Sign On, or at this Wiki page for a much more detailed explanation.

There is no such functionality built into O4W, especially because it appears to rely on additional infrastructure (such as an Identity Provider), but it should not be impossible to implement on your site if you wish to do so.

Alternatively, are you just looking to replace the use of O4W's explicit list of users with authentication against your list of Windows users on the network, or your list of OI users? O4W does have the ability to use different routines to authenticate valid users, including checking the entered username and password against your existing OpenInsight user list. Let me know if you'd like more information on this alternative.

Hope that helps,

- Bryan Shumsky

Revelation Software, Inc.

Thanks Bryan, I will investigate this further in the next month.

Pascal

View this thread on the Works forum...