SINGLE SIGN ON USING ACTIVE RESOURCE – Just Re-blogging
Requirement: There are two web applications AppX,AppY. All user relevant informations are stored under AppX. When user signing in into AppX, that time user session would be available in AppX. Because devise authentication mechanism is applied only on AppX. Also the same user session has to be applied for AppY,while user trying to access AppY. It should not ask user credentials again.
Let us see how to implement single sign on using active resource in a rails application. Here is a basic pictorial representation of single sign on concept.
Concept of this picture is,
- Sharing the sessions between two rails applications (AppX, AppY)
- Assigning authentication token in session.
- Assigning authentication token into request header while making resource call from AppY to AppX, as session is not available through resource call.
- When user trying to access AppY directly, its would redirect to login page of AppX since user session is not…
View original post 831 more words