Hi Jacques,
I am also working on JWT (Jason Web Token) mechanism. I'll share the JWT
design and detail
Sorry for too late reply.
Here is the ticket for this work
https://issues.apache.org/jira/browse/OFBIZ-9833
We can discuss more over ticket .
Thanks & Regards
--
Deepak Dixit
www.hotwaxsystem
Thanks for feedback Rishi
Jacques
Le 09/10/2017 à 16:33, Rishi Solanki a écrit :
Jacques,
I think you can go with your solution, as no updates on this since long.
Rishi Solanki
Sr Manager, Enterprise Software Development
HotWax Systems Pvt. Ltd.
Direct: +91-9893287847
http://www.hotwaxsystem
Jacques,
I think you can go with your solution, as no updates on this since long.
Rishi Solanki
Sr Manager, Enterprise Software Development
HotWax Systems Pvt. Ltd.
Direct: +91-9893287847
http://www.hotwaxsystems.com
www.hotwax.co
On Thu, Oct 5, 2017 at 1:49 AM, Jacques Le Roux <
jacques.le.r...
Hi Rahul,
Did you finally implement this? If yes could you contribute or share?
I'm currently working on such a solution and would prefer to share before
contributing my own
Jacques
Le 18/06/2016 à 15:01, Rahul Bhooteshwar a écrit :
Hello All,
Recently felt the need of Token Based Authentic
Hi Jacques,
Okay, so I misunderstood the goal. You can forget what I said :)
Still the article is really interesting :)
Cheers,
Gregory
2016-07-23 12:55 GMT+02:00 Jacques Le Roux :
> HI Gregory,
>
> If I'm not mistaken (I'll not do it) the idea is indeed to use tokens for
> one time authentica
HI Gregory,
If I'm not mistaken (I'll not do it) the idea is indeed to use tokens for one time authentication, but to then use OFBiz current work flow for the
rest (ie handling sessions)
Quoting below: "Behind the scenes, we will be using the current work flow as is"
This is also what we did
Hi guys,
JSON web tokens are suitable for one time authentication between parties
but they have important drawbacks if they are used as a session mechanism
(how to store them, not possible to invalidate one...)
There is a nice article on this:
http://cryto.net/~joepie91/blog/2016/06/13/stop-using
Rahul,
Thanks for detailed proposal, I gone thru all the details. No changes in
the current auth system, and achieving token based authentication looks a
good idea to me.
Agree on all the details provided and will try to participate in the
reviewing the design/implementation.
+1.
Rishi Solank
We (I was then working with ilscipio) did something like that for a client, and
I agree it's the way to go.
I mean that I agree with "We are not going to implement the Token Based Authentication process at low level. Behind the scenes, we will be using the
current work flow as is"
Disclaimer:
Hello All,
Recently felt the need of Token Based Authentication process in Apache
OfBiz while using OfBiz's business process offerings with standalone
clients like Mobile Apps, Angular JS based apps running outside Apache
OfBiz etc.
What currently we are having in OfBiz is session based authentica
10 matches
Mail list logo
