SSO for AngularJS web application

[Jayakumar Jayaraman]

Hello Guys

Does pac4j helps to enable Single Sign On (SSO) for a web application written on AngularJS ?

At the moment we have used CAS for SSO support on our web applications which were implemented using JSF in Java.

And it all works fine in production.

Now we are planing to migrate these web application to Angular JS framework.

And quite confused how to enable the SSO feature which we have before using CAS.

Can pack4j helps in this case ?

Should I use OAuth / OpenID integration with CAS ?

Thanks

Jay

[Jérôme LELEU]

Hi,

Generally, application urls are protected and if the user is not authenticated, it generates a redirection to the SSO server for authentication and a redirection back to the application after a successful authentication.

For a Single Page Application (based on AngularJs), things get more complicated as AJAX calls are made and for a protected url, if a redirection to the SSO server is started, it won't work. In pac4j, you will receive a 401 error page instead of a redirection if an AJAX call is detected. So you can configure your AngularJS app to handle this use case and call back your main page and triggers a browser login process.

This is how pac4j helps: by delivering 401 error page instead of redirection (302) for AJAX calls.

It's a simple approach you can start with. Though, you may want to go further and handle the login process mainly in Javascript and in that case, the OAuth implicit grant type would be necessary. There is also the CSRF issue to consider.

Thanks.

Best regards,

Jérôme

--
You received this message because you are subscribed to the Google Groups "pac4j-dev" group.
To unsubscribe from this group and stop receiving emails from it, send an email to pac4j-dev+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.