Single Sign-On in PHP & HATS Applications using Hashed Cookies




Royal Cyber Inc., Modernized e-business solutions

Overview
This white paper describes how to achieve Single Sign-On between a PHP/WordPress application and an IBM Rational HATS application using hashed cookies.
The use case is the following. The customer has a PHP/WordPress website where users log in with their LDAP credentials. From there they are given a link to a HATS application. The goal is that when a user clicks that link, he or she is signed in to HATS automatically, without entering any additional credentials or other information. This is achieved with the hashed-cookie method described below.
Part 1 - What are Cookies and What is Hashing
A brief overview of cookies, followed by the basic concept of hashing.
Part 2 - Steps to Achieve SSO in IBM Rational HATS
The basic steps required to achieve Single Sign-On.
Part 3 - Cookies Management and Performing Login in IBM Rational HATS
How the cookies are handled to perform the login into IBM Rational HATS. The workflow is also shown graphically.

PART 1 - WHAT ARE COOKIES AND WHAT IS HASHING
Cookies
Cookies are small pieces of data that a web server asks the browser to store on the user's computer. They hold a modest amount of data specific to a particular client and website. The browser sends them back to the server with every request to that site (within the Domain and Path the cookie was set for), and unless a cookie is marked HttpOnly, script running in the page can read it as well. This lets the server deliver a page tailored to a particular user, or lets the page's own script carry information from one visit to the website (or a related site on the same domain) to the next.
Hashing
Hashing is a one-way process: a hash function such as SHA-512 takes a message of any length and produces a fixed-length digest, and there is no practical way to recover the original message from that digest. Hashing is not encryption; nothing is ever decrypted. Instead, a party that knows the algorithm and the exact format of the value that was hashed can recompute the digest and compare it with the one it was given. That recomputation is how the HATS side checks the cookie in Part 3.
For the SSO described here the digest covers the username combined with a salt value. That salt is the only secret in the scheme: a plain hash has no key, so anyone who learns the salt and the cookie format can produce a valid hash cookie for any username. The salt must therefore be shared only between the PHP portal and the HATS application and must never appear in client-side code. For our purpose in this white paper we use the Secure Hash Algorithm SHA-512.

PART 2 - STEPS TO ACHIEVE SSO IN IBM RATIONAL HATS
Set the Cookies
In this scenario the customer's PHP portal sets two cookies when the user logs in to the portal: one cookie contains the username, the other contains the SHA-512 hash of the username combined with the salt. For both applications to see the same cookies, their Domain and Path attributes must be chosen so that the browser also sends them to the HATS application, and they should be marked Secure so that they only travel over HTTPS.
Get the Cookies
When the user clicks the HATS application link, the HATS side reads both cookies in JSP code and renews their lifetime with JavaScript, as shown in Figure 1. Because the lifetime is reset from client-side script, the cookies cannot be marked HttpOnly, so any script that runs on the HATS page can read the hash cookie; this is one more reason the salt itself must never be present in that script.
Figure 1 JavaScript Code

PART 3 - COOKIES MANAGEMENT AND PERFORMING LOGIN IN IBM RATIONAL HATS (SSO)
On the HATS side we take the username from the username cookie, append the same salt value, and compute the SHA-512 hash of the result. We then compare this freshly generated hash with the value in the hash cookie. If the two match, the username was issued by the portal and has not been altered, and we run a macro that logs that user into the HATS application. If the two hash codes do not match, the page is redirected to the PHP application with an error message. The comparison should use a constant-time routine (for example java.security.MessageDigest.isEqual) rather than an ordinary string comparison, so that the time taken does not reveal how many leading bytes of the presented hash were correct.
Figure 2 Macro / Event File Snapshot
The cookies expire after at most 30 minutes. If the user leaves the HATS application idle for 30 minutes, the cookies expire automatically and the system redirects the page to the PHP application. Note that this timeout is enforced only by the browser's cookie expiry: the hash itself covers only the username and the salt, so a copy of the two cookie values taken from a user's browser stays valid on the HATS side for as long as the salt is unchanged.
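The following is an added example, not code from Royal Cyber's white paper, showing the whole handshake of Parts 2 and 3 in plain Java so that it compiles without HATS or a servlet container: the portal side computes SHA-512(username + salt) and emits the two Set-Cookie headers, and the HATS side recomputes the hash from the username cookie and compares it in constant time. The cookie names sso_user and sso_hash, the salt value, the cookie Domain and the 30-minute Max-Age are assumptions; in a real deployment the PHP portal would compute the same hex digest with hash('sha512', $user . $salt) and the HATS JSP would read the values from javax.servlet.http.Cookie objects.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;
import java.util.Optional;

// Added example (not Royal Cyber's code). Names below are assumptions: the cookie
// names, the Max-Age, the SALT value used in main() and the cookie Domain.
public final class HashedCookieSso {
    static final String USER_COOKIE = "sso_user";
    static final String HASH_COOKIE = "sso_hash";
    static final int MAX_AGE_SECONDS = 30 * 60;   // Part 3: cookies live at most 30 minutes

    private HashedCookieSso() {}

    /** Lowercase hex, matching what PHP's hash('sha512', ...) returns by default. */
    static String hex(byte[] bytes) {
        StringBuilder sb = new StringBuilder(bytes.length * 2);
        for (byte b : bytes) {
            sb.append(String.format("%02x", b));
        }
        return sb.toString();
    }

    /** SHA-512 over username || salt: the one value both applications must compute identically. */
    static String computeHash(String username, String salt) {
        try {
            MessageDigest md = MessageDigest.getInstance("SHA-512");
            byte[] digest = md.digest((username + salt).getBytes(StandardCharsets.UTF_8));
            return hex(digest);
        } catch (NoSuchAlgorithmException e) {
            throw new IllegalStateException("SHA-512 is mandatory in every Java runtime", e);
        }
    }

    /**
     * Portal side (Part 2, "Set the Cookies"): the two Set-Cookie header values sent at login.
     * Domain and Path make the browser present them to the HATS application as well; Secure
     * keeps them off plain HTTP. HttpOnly is deliberately absent because the HATS page renews
     * the lifetime from JavaScript (Figure 1), which needs script access to the cookies.
     */
    static String[] issueCookies(String username, String salt, String domain) {
        String attrs = "; Domain=" + domain + "; Path=/; Max-Age=" + MAX_AGE_SECONDS
                + "; Secure; SameSite=Lax";
        return new String[] {
            USER_COOKIE + "=" + username + attrs,
            HASH_COOKIE + "=" + computeHash(username, salt) + attrs
        };
    }

    /**
     * HATS side (Part 3): recompute the hash for the presented username and compare it with the
     * hash cookie in constant time. Returns the username to hand to the login macro, or empty
     * when the caller must redirect back to the PHP application with an error message.
     */
    static Optional<String> verify(String userCookie, String hashCookie, String salt) {
        if (userCookie == null || userCookie.isEmpty() || hashCookie == null) {
            return Optional.empty();            // never fall back to trusting the username alone
        }
        byte[] expected = computeHash(userCookie, salt).getBytes(StandardCharsets.UTF_8);
        byte[] presented = hashCookie.getBytes(StandardCharsets.UTF_8);
        // MessageDigest.isEqual does not stop at the first differing byte.
        return MessageDigest.isEqual(expected, presented) ? Optional.of(userCookie) : Optional.empty();
    }

    public static void main(String[] args) {
        final String salt = "replace-with-a-long-random-secret";   // assumed; known to both apps only
        for (String header : issueCookies("jsmith", salt, "example.com")) {
            System.out.println("Set-Cookie: " + header);
        }

        // Cookie values as the browser would present them to the HATS application.
        String user = "jsmith";
        String hash = computeHash(user, salt);
        System.out.println("genuine cookies   -> " + verify(user, hash, salt));
        // An attacker can edit the username cookie but cannot recompute the hash without the salt.
        System.out.println("tampered username -> " + verify("admin", hash, salt));
        // Missing hash cookie: deny.
        System.out.println("missing hash      -> " + verify(user, null, salt));
    }
}
```

Two points follow directly from the design. First, because the digest is an unkeyed hash of username and salt, the salt carries the entire trust between the two applications; if it is ever exposed it must be changed on both sides, which also invalidates every outstanding cookie. A keyed construction such as HMAC-SHA512 (javax.crypto.Mac with "HmacSHA512" in Java, hash_hmac('sha512', ...) in PHP) is the usual replacement for the plain concatenation and is a drop-in change to computeHash on both sides. Second, nothing in the hash ties the cookie to a time or a browser session, so the 30-minute limit is enforced by the browser alone; if a stolen pair of values needs to stop working on its own, a timestamp has to be added to the hashed input and checked by verify.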

Figure 3 Single Sign-On Workflow