RemoteAuth
Registered by
Lars Vierbergen
RemoteAuth is an SSO system for RemoteCP powered websites to allow users of RemoteCP Panel to sign in.
It makes use of POST-requests to verify the signed-on user.
A separate session for each remote website authenticated ensures security of the main user account (Remote site does not have your sessionid and cannot logon to your account)
Also, every site who wants to authenticate a user should send an authenticate request to the SSO server to receive an unique key referencing to their application during the sign in process.
To prevent users from being logged on automatically to sites they may not trust, the user should always authorize the initial exchange of session data. This question is asked after login.
Blueprint information
- Status:
- Complete
- Approver:
- None
- Priority:
- High
- Drafter:
- None
- Direction:
- Approved
- Assignee:
- Lars Vierbergen
- Definition:
- Superseded
- Series goal:
- None
- Implementation:
- Not started
- Milestone target:
- None
- Started by
- Completed by
- Lars Vierbergen
Related branches
Related bugs
Sprints
Whiteboard
(?)