Yes, I'm in Sintra, Portugal.
When i talk about buttons, I'm thinking on html actions. One will use a externally accessible by external users, that uses then "external junction" and the other one may use "internal junction".
I have a similar solution in my environment.
------------------------------
Joao Goncalves
Pyxis, Lda.
Sintra
+351 91 721 4994
------------------------------
Original Message:
Sent: Tue January 26, 2021 07:08 AM
From: Rodrigo Xavier
Subject: Web application with internal and external users. How to implement SSO?
Hi Joao,
We´re thinking in use the junction link only to internal users. The external users will continue using the original web application link.
But when you talk about buttons, is there some users portal in Webseal where you can build web application buttons to access them?
Are you from Sintra, Portugal?
Regards,
Rodrigo
------------------------------
Rodrigo Xavier
Original Message:
Sent: Sun January 24, 2021 06:04 AM
From: Joao Goncalves
Subject: Web application with internal and external users. How to implement SSO?
Can't you just simply create a page with 2 links (or buttons), one for internal users and another one for external users. Each of the buttons will go to a different junction?
------------------------------
Joao Goncalves
Pyxis, Lda.
Sintra
+351 91 721 4994
Original Message:
Sent: Tue January 19, 2021 01:49 AM
From: Shane Weeden
Subject: Web application with internal and external users. How to implement SSO?
This is a good use case for implementing an identifier-first approach to authentication. Essentially you code the login page to first prompt for a username and have the user click "Next" (or similar).
Most commonly the username is an email address or some other identifier from which it is lexicographically possible to determine whether or not the user should do u/p login, federated SSO or something else.
If the username can be just parsed and the determination made (e.g. from email address suffix) then you can implement this simple logic client-side in Javascript in the login page. Alternatively (or if you cannot make the determination without a user registry lookup of some kind) you can write an InfoMap-based AAC authentication policy to control the authentication flow.
------------------------------
Shane Weeden
IBM
Original Message:
Sent: Mon January 18, 2021 09:48 AM
From: Rodrigo Xavier
Subject: Web application with internal and external users. How to implement SSO?
Hi all,
The customer has an web application that is accessed by internal user (employees) and external users (clients). The internal users will be authenticate in webseal using internal customer Active Directory and will be part of the SSO proccess. But which is the best practices to do with external users? There is no need to them to do the SSO. They need authenticate in web application directly without SSO.
Regards,
Rodrigo
------------------------------
Rodrigo Xavier
------------------------------