Difference between revisions of "HowTo:Integrate UBIK in an SSO Environment"
(→Interfacing) |
(→Studio) |
||
(5 intermediate revisions by the same user not shown) | |||
Line 102: | Line 102: | ||
<div class="mw-collapsible-content"> | <div class="mw-collapsible-content"> | ||
<syntaxhighlight lang="csharp" > | <syntaxhighlight lang="csharp" > | ||
− | public class MyOIDCProcessor : DynamicOIDCProcessorExt | + | public class MyOIDCProcessor : UBIK.SSO.OIDCProcessor.DynamicOIDCProcessorExt |
{ | { | ||
// Example for a claim type identifier used to get a value from the Assertions() dictionary. | // Example for a claim type identifier used to get a value from the Assertions() dictionary. | ||
Line 110: | Line 110: | ||
{ } | { } | ||
− | protected override Login CreateLogin(string loginName, string domain, OSTypes osType) | + | protected override Login CreateLogin(string loginName, string domain, UBIK.Service.DTO.V220.OSTypes osType) |
{ | { | ||
// In this example, we use the default login creation, but add the email address as the human-readable login name. | // In this example, we use the default login creation, but add the email address as the human-readable login name. | ||
Line 118: | Line 118: | ||
// The Assertions() method yields a Dictionary<string, object>, where the values usually are strings, too. | // The Assertions() method yields a Dictionary<string, object>, where the values usually are strings, too. | ||
// The keys correspond to the claim type identifiers. | // The keys correspond to the claim type identifiers. | ||
− | if (Assertions().ContainsKey( | + | if (Assertions().ContainsKey(KEY_MAIL) && !string.IsNullOrEmpty(Assertions()[KEY_MAIL] as string)) |
{ | { | ||
− | login.Name = Assertions()[ | + | login.Name = Assertions()[KEY_MAIL] as string; |
UBIKKernel.LogCustomizing(MethodBase.GetCurrentMethod(), | UBIKKernel.LogCustomizing(MethodBase.GetCurrentMethod(), | ||
$"Login name for {login.ID} was set to {login.Name} -> Key: {KEY_MAIL}"); | $"Login name for {login.ID} was set to {login.Name} -> Key: {KEY_MAIL}"); | ||
Line 152: | Line 152: | ||
</div></div> | </div></div> | ||
+ | |||
+ | |||
+ | |||
+ | |||
== Interfacing == | == Interfacing == | ||
Line 177: | Line 181: | ||
} | } | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | |||
+ | [[Category:How-To|Integrate UBIK in an SSO Environment]] | ||
+ | [[Category:SSO|Integrate UBIK in an SSO Environment]] | ||
+ | [[Category:Version 3.6|Integrate UBIK in an SSO Environment]] | ||
= Client = | = Client = | ||
Line 183: | Line 191: | ||
* Set up an identity provider if necessary | * Set up an identity provider if necessary | ||
− | * Assemble a client configuration JSON string, .e.g.: | + | * Assemble a client configuration JSON string, .e.g. for Entra: |
<syntaxhighlight lang="javascript"> | <syntaxhighlight lang="javascript"> | ||
− | {'AuthorityURL' : 'https:// | + | {'AuthorityURL' : 'https://login.microsoftonline.com/{tenantid}/v2.0', |
− | 'ClientID' : ' | + | 'ClientID' : '{clientid}', |
'ClientSecret' : null, | 'ClientSecret' : null, | ||
'RedirectURL' : 'com.augmensys.ubik://SSO', | 'RedirectURL' : 'com.augmensys.ubik://SSO', | ||
Line 202: | Line 210: | ||
</InternalSSOSettings> | </InternalSSOSettings> | ||
</syntaxhighlight> | </syntaxhighlight> | ||
+ | |||
+ | [[Category:How-To|Integrate UBIK in an SSO Environment]] | ||
+ | [[Category:SSO|Integrate UBIK in an SSO Environment]] | ||
+ | [[Category:Version 3.6|Integrate UBIK in an SSO Environment]] | ||
== SAML == | == SAML == |
Latest revision as of 09:46, 27 June 2024
Single Sign-On (SSO) allows an end-user to interact with multiple services without logging in more than once.
This page shows how to integrate UBIK® into such an SSO environment.