[SSO] improve UI for ldap/local account login
(Total: 0.00 h)
When SSO provider is configured to use (exactly one of) either LDAP or local authentication:
- A user (who isn't already logged in) clicks the Workbench Log in button and gets redirected (through API server) to SSO provider
- SSO provider prompts for a username and password, using a standard bootstrap form (possibly as a modal/overlay).
- If authentication succeeds, call back to API server and from there to Workbench (as usual).
- If authentication fails, prompt again, showing the error message in a bootstrap alert-danger or whatever.
- Test cases: If authentication succeeds on a subsequent attempt -- with or without some "back" button use -- call back to API server rather than entering some default state like "continue to foo". IOW, make sure we don't lose "back to the workbench page I was originally trying to see" state when handling authentication failures.
AJAX instead of a regular form-submit: nice, but optional.
#4 Updated by Peter Amstutz over 6 years ago
- Improve LDAP configuration formatting to be less error prone
root@hgi-exp-dev:/opt/sso-devise-omniauth-provider# RAILS_ENV=production bundle exec rails console /opt/sso-devise-omniauth-provider/config/initializers/load_config.rb:33:in `method': wrong number of arguments (0 for 1) (ArgumentError) from /opt/sso-devise-omniauth-provider/config/initializers/load_config.rb:33:in `block (2 levels) in <top (required)>' from /opt/sso-devise-omniauth-provider/config/initializers/load_config.rb:25:in `each'
- Document secret_token in application.yml
- Document uuid_prefix
- "SECURITY WARNING: No secret option provided to Rack::Session::Cookie. This poses a security threat. It is strongly recommended that you provide a secret to prevent exploits that may be possible from crafted cookies. This will not be supported in future versions of Rack, and future versions will even invalidate your existing user cookies."