SSO with redirect or in a webview?

anjingjing · September 24, 2018, 11:50am

Hi there,

I have a scenario like this:
We have a user portal - separately written in Angular.
We have a mobile app - both iOS and Android.
And, we have CUBA IDP and SP.
Now the requirement is, we need to get some token/ticket when user login from portal or mobile, I think this can be done by either oauth/token or login service. After user login, we want to keep the ticket or session token, so that if they get notification of SP screen link, they can directly open the screen link(no need to login again) in different ways: redirect to SP in Angular or open SP in WebView on mobile.

Can we achieve this as something like http://service-provider-url/app/open?screenlink=xxx&idp_ticket=xxx ?

anjingjing · September 25, 2018, 1:54am

I’m going to write doFilter to do this…

shustanov · September 25, 2018, 6:37am

Hi!

Look at cuba.idp.serviceProviderUrlMasks property. You can read its documentation in here. If you set up the property, there will no need to keep the ticket.

Normally, if user tries to open screen in SP, when he is not logged in, they are being redirected to IDP to get the ticket, and then being redirected to SP base url. But if you provide SP url mask, user would be redirected to initial screen.