Single Sign On with OAuth and OpenID
•
8 likes•5,244 views
CEOS WGISS 36 - Frascati, Italy - 2013.09.19 Single Sign On with OAuth and OpenID used for Kalideos project and to be used within the French Land Surface Thematic Center
Recommended
Recommended
More Related Content
What's hot
What's hot (20)
Similar to Single Sign On with OAuth and OpenID
Similar to Single Sign On with OAuth and OpenID (20)
More from Gasperi Jerome
More from Gasperi Jerome (20)
Recently uploaded
Recently uploaded (20)
Single Sign On with OAuth and OpenID
- 1. Single Sign On with OAuth and OpenID Jérôme Gasperi WGISS-36 ESA/ESRIN - Frascati, Italy - September 19th, 2013
- 2. OpenID is an open standard for authentication. Model is based on confidence links between Service Providers and Authentication Providers (i.e. OpenID providers) to achieve Single Sign On authentication
- 3. OAuth is an open standard for authorization. It provides a method for clients to access server resources on behalf of a resource owner
- 4. OAuth is an open standard for authorization. It provides a method for clients to access server resources on behalf of a resource owner etc...
- 5. Experiment Filter access to Kalideos (i.e. SPOT) data through a secured WMS server using OpenID Connect (i.e. OpenID over OAuth)
- 6. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 7. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 8. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 9. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 10. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 11. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 12. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 13. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 14. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 15. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 16. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 17. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 18. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 19. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 20. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 21. Identity Server 10. Return user information 7. Return user information 6. Get user information using OAuth token 9. Send OAuth token for validation and get user information 3. Authentication with OAuth (OpenID Connect) 2. Redirect to Identity Server 13. Create user session 12. Get user rights 4. Return OAuth token WMS Server 5. Send OAuth token 11. Ask for user rights Kalideos Server 1. Ask for authentication 8. Send OAuth token 14. Ask for WMS feed 15. Return WMS feed LDAP
- 22. OpenID Connect planned to be used in Theia (i.e. French Land Surface Thematic Center)