NON AUTHENTICATING PORTAL TO USE WITH OTHER WEB-SSO

If Lemonldap::NG has to operate with another Web-SSO without any interworking system, Lemonldap::NG can be used as slave.

Install :

  • Install and adapt this file in an area protected by the master SSO

  • Use Lemonldap::NG::Handler::CDA to protect Lemonldap::NG area if this area is not in the same DNS domain than the portal

Authentication scheme :

  • a user that wants to access to a protected url, Lemonldap::NG::Handler redirect it to the portal

  • the portal creates the Lemonldap::NG session with the parameters given by the master SSO

  • the user is redirected to the wanted application. If it is not in the same domain, the handler detects the session id with the Lemonldap::NG cross-domain-authentication mechanism and generates the cookie