HTML |
---|
<div id="main-content" class="wiki-content group"> <h1 id="ModelodeIntegração-ERPTOTVScomIdentity-1.0Integração">1.0 Integration</h1> <p> Integration with Fluig Identity will be done through the SAML 2.0 (Security Assertion Markup Language) protocol (<a href="http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language</a>). The SAML protocol is well suited to performing single sign-on (SSO) in a web-based application. </p> <p>The following figure details the activity flow in the scenario where the user accesses a Service Provider service/application (TOTVS Software) through the Identity Provider (Fluig Identity).</p> <p>  <img class="confluence-embedded-image" src="http://tdn.totvs.com/download/attachments/185741292/74023813.png?version=2&modificationDate=1426618404000&api=v2" data-image-src="http://tdn.totvs.com/download/attachments/185741292/74023813.png?version=2&modificationDate=1426618404000&api=v2"> </p> <p>The next figure details the activity flow in the scenario where the user accesses a service/application directly in the Service Provider (TOTVS Software). 
This scenario will not be available for desktop applications (.exe).</p> <p>  <img class="confluence-embedded-image" src="http://tdn.totvs.com/download/attachments/185741292/74023814.png?version=1&modificationDate=1426618412000&api=v2" data-image-src="http://tdn.totvs.com/download/attachments/185741292/74023814.png?version=1&modificationDate=1426618412000&api=v2"> </p> <h1 id="ModelodeIntegração-ERPTOTVScomIdentity-2.0Nomenclatura">2.0 Nomenclature</h1> <ul> <li>SAML: Security Assertion Markup Language</li> </ul> <p align="left" style="margin-left: 30.0px;"> Open standard for authentication and authorization, used for single sign-on (SSO) on the web<br /> <a href="http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/Security_Assertion_Markup_Language</a><br /> <a href="http://en.wikipedia.org/wiki/SAML_2.0" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/SAML_2.0</a> </p> <ul> <li>IDP: Identity Provider (Fluig Identity)<br /> Authenticates the user and generates the assertion<br /> <a href="http://en.wikipedia.org/wiki/Identity_provider" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/Identity_provider</a></li> <li>SP: Service Provider (TOTVS Software)<br /> Checks the assertion and provides the service<br /> <a href="http://en.wikipedia.org/wiki/Service_provider" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/Service_provider</a></li> <li>Assertion<br /> XML with authentication security tokens<br /> <a href="http://en.wikipedia.org/wiki/SAML_2.0#SAML_2.0_Assertions" class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/SAML_2.0#SAML_2.0_Assertions</a></li> <li>Resource<br /> Service Provider service or application </li> <li>Metadata<br /> XML with information on the Identity Provider or Service Provider to ensure communication between them<br /> <a href="http://en.wikipedia.org/wiki/SAML_2.0#SAML_2.0_Metadata" 
class="external-link" rel="nofollow">http://en.wikipedia.org/wiki/SAML_2.0#SAML_2.0_Metadata</a></li> </ul> <h1 id="ModelodeIntegração-ERPTOTVScomIdentity-3.0Requisitos">3.0 Requirements</h1> <ul> <li>Fluig Identity<br /> <ul> <li>Address (URL) of XML metadata (example: <a href="https://openidp.feide.no/simplesaml/saml2/idp/metadata.php" class="external-link" rel="nofollow">https://www.fluigidentity.com/cloudpass/saml2/metadata</a>) </li> </ul></li> <li>TOTVS Software<br /> <ul> <li>A screen in the system security policy for configuring the identity manager, where the user will provide:<br /> - IDP address;<br /> - the address at which TOTVS Software will respond as SP (example: <a href="http://myhostname:8080/spEntityID" class="external-link" rel="nofollow">http://myhostname:8080/spEntityID</a>); this will be the entityID of the SP;<br /> - list of addresses that can use SSO through SP (example:  <a href="http://myhostname:8080/spEntityID/saml2/get?url=www.gmail.com" class="external-link" rel="nofollow">http://myhostname:8080/</a>)<br />- digital certificate </li> <li>HTTP configured to respond at the addresses below:<br /> - SP metadata XML (example <a href="http://myhostname:8080/spEntityID/saml2/metadata" class="external-link" rel="nofollow">http://myhostname:8080/spEntityID/saml2/metadata</a>);<br /> - SP SAML service (example <a href="http://myhostname:8080/spEntityID/saml2/get" class="external-link" rel="nofollow">http://myhostname:8080/spEntityID/saml2/get</a>);<br /> - response to IDP assertion (example <a href="http://myhostname:8080/spEntityID/saml2/post" class="external-link" rel="nofollow">http://myhostname:8080/spEntityID/saml2/post</a>); </li> </ul></li> </ul> <p> <img class="confluence-embedded-image" src="http://tdn.totvs.com/download/attachments/185741292/74023815.png?version=2&modificationDate=1426618415855&api=v2" data-image-src="http://tdn.totvs.com/download/attachments/185741292/74023815.png?version=2&modificationDate=1426618415855&api=v2"> </p> <p> </p> <p 
style="margin-left: 90.0px;"> </p> </div> |
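
The requirements above call for a list of addresses that can use SSO through the SP, and the example link passes the target to the SP SAML service as `saml2/get?url=www.gmail.com`. The following is an added example, not TOTVS or Fluig code, of one way an SP could check that parameter against the configured list before starting SSO. It assumes the list is stored as (scheme, host, port) origins; the function names and the list contents are hypothetical.

```python
from urllib.parse import urlsplit

# Assumption: the configured "list of addresses that can use SSO through SP",
# stored as origins. These entries are constructed for the example.
ALLOWED_ORIGINS = {("http", "myhostname", 8080), ("https", "www.gmail.com", 443)}
DEFAULT_PORTS = {"http": 80, "https": 443}


def normalize_origin(raw_url, default_scheme="https"):
    """Return (scheme, host, port) for raw_url, or None if it is not a plain web URL."""
    # Reject empty values, control characters, spaces and backslashes, which
    # URL parsers and browsers may interpret differently.
    if not raw_url or any(ord(c) <= 0x20 or c == "\\" for c in raw_url):
        return None
    # The page's example passes a scheme-less value (url=www.gmail.com).
    if "://" not in raw_url:
        if raw_url.startswith("/"):
            return None  # "//host" and path-only values are not accepted
        raw_url = f"{default_scheme}://{raw_url}"
    try:
        parts = urlsplit(raw_url)
        port = parts.port  # raises ValueError on a non-numeric port
    except ValueError:
        return None
    scheme = parts.scheme.lower()
    if scheme not in DEFAULT_PORTS or not parts.hostname:
        return None
    # "user:pass@host" forms can disguise the real host; refuse them outright.
    if parts.username is not None or parts.password is not None:
        return None
    if port is None:
        port = DEFAULT_PORTS[scheme]
    return (scheme, parts.hostname.lower().rstrip("."), port)


def is_allowed_resource(raw_url, allowed=ALLOWED_ORIGINS):
    """True only when the requested resource's exact origin is on the configured list."""
    origin = normalize_origin(raw_url)
    return origin is not None and origin in allowed
```

Matching on the full origin, rather than on a string prefix of the URL, is what keeps lookalike hosts and alternate ports off the list.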