The simplest form of WebSSO consists of the following steps:
- Authenticate your app to Whydah SSO by sending appId and appSecret. Successful authentication will return an appToken.
- From your web application, use an HTTP redirect for the login action. A successful login to Whydah SSO will redirect the user to your app with a userTicket.
- Use the userTicket and appToken to get the user token / user data.
- Use the SSO session, or map the session to your web application user/session.

So, let us explore the steps in a bit more detail.
Some comments on the code:
From the ApplicationToken you will need to extract the application session id, which you might do with the XPath expression "/applicationtoken/params/applicationtokenID1"
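
One way to do that extraction with the JDK's XPath support, as an added example that is not Whydah's own code. It assumes the trailing "1" in the expression above is the positional predicate `[1]`; the class name, method name and sample XML are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.xpath.XPathFactory;
import org.w3c.dom.Document;

public class AppTokenIdExtractor {
    // Assumption: the page's trailing "1" is read as the predicate [1].
    static final String TOKEN_ID_XPATH = "/applicationtoken/params/applicationtokenID[1]";

    static String extractAppTokenId(String appTokenXml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        // The token arrives in a network response: refuse DTDs so external
        // entities (XXE) and entity expansion cannot be triggered.
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        dbf.setXIncludeAware(false);
        dbf.setExpandEntityReferences(false);

        Document doc = dbf.newDocumentBuilder()
                .parse(new ByteArrayInputStream(appTokenXml.getBytes(StandardCharsets.UTF_8)));
        String id = XPathFactory.newInstance().newXPath().evaluate(TOKEN_ID_XPATH, doc).trim();
        // evaluate() returns "" when nothing matches; fail closed rather than
        // carry an empty session id into later calls.
        if (id.isEmpty()) {
            throw new IllegalStateException("applicationtokenID missing from ApplicationToken");
        }
        return id;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample; a real ApplicationToken carries more fields.
        String sample = "<applicationtoken><params>"
                + "<applicationtokenID>example-token-id-0001</applicationtokenID>"
                + "</params></applicationtoken>";
        System.out.println(extractAppTokenId(sample));
    }
}
```
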
From your web application - use an HTTP redirect for the login action