compared with Current by Thor Henning Hetland on Nov 30, 2021 09:58.

Key
This line was removed.
This word was removed. This word was added.
This line was added.

Changes (3)

{code}
// Execute a POST to authenticate my application
String appToken = Request.Post("https://sso.whydah.net/sso/logon") Request.Post("https://sso.whydah.net/tokenservice/logon")
.bodyForm(Form.form().add("applicationcredential", myAppCredential).build())
.execute().returnContent().asBytes();

// Execute a POST to SecurityTokenService with userticket to get usertoken
String usertoken = Request.Post("https://sso.whydah.net/sso/user/"+appTokenID+"/get_usertoken_by_userticket/") Request.Post("https://sso.whydah.net/tokenservice/user/"+appTokenID+"/get_usertoken_by_userticket/")
.bodyForm(Form.form().add("apptoken", appToken)
.add("userticket", userTicket).build())
!https://wiki.cantara.no/download/attachments/37388694/Whydah+infrastructure.png|width=1100!

Note, [Defense in depth|https://www.owasp.org/index.php/Defense_in_depth] strategy.


If you want to learn more about Whydah, see documentation in this space or visit [http://www.getwhydah.com]
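
Review bot: in the code sample, the logon request on the `String appToken = ...` line ends in `.execute().returnContent().asBytes()`, which returns a `byte[]` and cannot be assigned to a `String`. Use `.returnContent().asString()` there. The `get_usertoken_by_userticket` request also builds its URL from `appTokenID`, which the sample never defines; only `appToken` is set, so add the line that derives the ID from the logon response, or say where it comes from. Since this edit moves both endpoints from `/sso/` to `/tokenservice/`, check that no other sample on the page still posts application credentials to the old `/sso/logon` path.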