Gluu SSO Multiple apps

By: Ahsan Umair user 17 May 2017 at 7:31 a.m. CDT

6 Responses
Ahsan Umair gravatar
Hi, We have multiple client applications setup in Gluu server. We have implemented single sign-on with Gluu in those apps. Once user is logged in to Gluu through one client application the other client applications should have a way to check if Gluu session is active and get User claims. Once logged in one app, if we try to go to different app it does not have any way to check which user is logged in without re-authenticating with Gluu again. Apps are developed in different technologies using Oxd C# and java clients. Ideally if the user is logged in through one application then there should be a way for other applications to know about the Gluu active session and logged-in user details with out re-authenticating. Our apps need user info from Gluu to server the protected pages. Please help what is the best way to deal with this scenario.
U1404
closed

Answers

By Mohib Zico staff 17 May 2017 at 8:39 a.m. CDT

Copy
Mohib Zico gravatar
Are you trying two apps in same web browser? Or, different browser?

By Ahsan Umair user 17 May 2017 at 8:44 a.m. CDT

Copy
Ahsan Umair gravatar
Hi, same browser but applications open in different tabs

By Mohib Zico staff 17 May 2017 at 8:44 a.m. CDT

Copy
Mohib Zico gravatar
Unexpected behavior really, we will do a quick QA and get back to you.

By Mohib Zico staff 23 May 2017 at 4:32 p.m. CDT

Copy
Mohib Zico gravatar
I think I can't reproduce the issue. Here is what I tried: - Magento service in one server - Wordpress service in another server - Both Magento and Wordpress sites are configured with Gluu [oxD](https://oxd.gluu.org/). - Authenticated Wordpress in one tab [ same browser ]. Login screen appearing. - Opened a new tab and logged into Magento server without re-authentication. Here is the test [video](https://www.youtube.com/watch?v=EEzB2c0CV-U&feature=youtu.be).

By Ahsan Umair user 06 Jun 2017 at 8:58 a.m. CDT

Copy
Ahsan Umair gravatar
Just for update, this issue was resolved by removing prompt=login parameter from get_authorization_url request. Removing this parameter from request results in Gluu using same authentication session which was previously been started from different app. This prevents forcing Gluu to re-authenticate the user again.

By Mohib Zico staff 06 Jun 2017 at 9:54 a.m. CDT

Copy
Mohib Zico gravatar
Thanks for the update, Ahsan!

Post an answer