thanks for trying to help me.
My setup:
1 Apache Webserver with shibboleth Service Provider
2. Node Js Server / api
3. Angular Frontend
4. PostgreSQL database
What I am doing and what I want to do:
I go to my web apps URL
https://myurl.com
Apache sends me to a shibboleth authentication side and after a successful login it will send me to the start page of my app. -> works
Now I want to login the user directly to my app if there is the same username in the database as the one I got from shibboleth. -> not working
(I don’t now how to manage this without saving the DB pw for the user somewhere on the server)
At the moment the user needs to login with his DB credentials in my Frontend. After pressing the login button on my angular app there is a post request sent to my node api.
A database object will be created with pg promise library and now the user is able to get data from the database and will be logged in.
I can’t get a password from the shibboleth authentication server. I only get the user name.
I will try to add some code tonight.
What is the best way to login the user to the database after shibboleth authentication?
Related
I am creating a web app and i want to be able to register users local through a registeration form which will have a password form as well. But i also want users to be registered to through GOOGLE SIGNIN api. Problem is in my database the password field is required. Is there a possible logic to store users that registered with google in the db without getting errors because google wont provide a password for them to the db?
I am Using Node Express js for server and Mongodb for database
I have setup my firebase authentication on the server.js file and have used socket.io to transfer data and trigger change when user signs in and signs out. However, I was wondering how I can login through the client and not the server?
The reason is because when I login through the server, there is only one user that can be authenticated (Only one user to login at a time). Hence, if I login through client, many users can login.
Thanks.
I have created an angular 2 application. Now, these are the requirements for windows authentication.
1) If any user within the organization access this application, he should not get the login prompt and should be able to login directly into the application.
2) If any specific user within the organization tries to access the application, then he should get the specific role(Like admin, Manager) and able to login directly.
3) If any user outside the organization tries to access the application, he should get the login prompt.
Edit: Backend will also play the significant role. I have created rest API using node js and express. So will this passport package help in my case? I have implemented the passport.js on my node js rest API, but now how to validate that thing on the angular side.
Any help will be appreciated and bounty awarded.
For this to work the back-end will be your primary point of call, passport.js (Implemented in your node.js not your client) will allow you to do a lot of the heavy lifting but will still require some fundamental changes to your web server.
You are looking to implement IWA (Integrated Windows Authentication) here, if you wish your client to know which roles the user has the way I would suggest would be to create a API on the server side that returns these variables as part of its response (then take them and store them somewhere for your angular2 to use).
For example you could have /authCheck return { role: [], username: "Username" } and if the user is not authenticated return a 401. This way if the passthrough IWA fails you can handle the 401 response by directing a user to the login page.
I'm creating a project, but I'm running into a problem. In my project, after user logs in he will be redirected to my dashboard. When the user is logged in, there will be an attempt to connect to my node server. But how can I authenticate the user, so that non-authenticated user cannot acces the server? What should I pass to the server? I'm using the FOSUserBundle.
tl;dr: Is there any way to create a facebook login session with passportjs using existing access key?
I'm working on a product that is composed from a website , a mobile app and a nodejs server that serves both entities. registration is possible using facebook login from both mobile app and the website. Passportjs perfectly handles the facebook login procedure from the website, while keeping the users details in a mongodb server.
Login from the android app is implemented with the facebookSDK. Once the user is logged in , I file a request to our internal server with the access key and the facebook id in order to submit a request to facebook and authorize the user + request her details.
Right now, I'm using 2 different libraries to do that (passport for registration from the website and node-facebook to request the users details from an existing token) but that's an aweful waste and not very efficient.
Is it possible to harness passportjs to create a facebook session from an existing token+facebook id?
The passport-facebook-token strategy is designed to handle just this situation.