Differences

This shows you the differences between two versions of the page.

Link to this comparison view

Both sides previous revision Previous revision
Last revision Both sides next revision
documentation:latest:securetoken [2017/11/20 14:44]
xguimard Spelling errors
documentation:latest:securetoken [2019/06/05 14:22]
127.0.0.1 external edit
Line 3: Line 3:
 ===== Presentation ===== ===== Presentation =====
  
-The Secure Token Handler is a special Handler that create ​a token for each request and send it to the protected application. The real user identifier is stored in a Memcached server and the protected application can the request the Memcached server to get user identifier.+The Secure Token Handler is a special Handler that creates ​a token for each request and send it to the protected application. The real user identifier is stored in a Memcached server and the protected application can request the Memcached server to get user identifier.
  
-This mechanism allows one to do SSO on application with an unsafe link between Handler and the application,​ but with a safe link with the Memcached server.+This mechanism allows one to protect an application with an unsafe link between Handler and the application,​ but with a safe link between ​the Memcached server ​and the application.
  
 ===== Configuration ===== ===== Configuration =====
 +
 +Install Cache::​Memcached dependency.
  
 ==== Virtual host ==== ==== Virtual host ====
Line 13: Line 15:
 === Apache === === Apache ===
  
-Configure the virtual host like other [[configvhost|protected virtual ​host]] but use Secure Token Handler instead of default Handler.+VirtualHost has to be configured ​like other [[configvhost|protected virtual ​hosts]] but by using Secure Token Handler instead of default Handler.
  
 <file apache> <file apache>
Line 28: Line 30:
 </​file>​ </​file>​
  
-=== Nginx ===+=== Other web servers ​===
  
-<​note>​This ​module ​uses Apache2 Filter and is not compatible with Nginx.</​note>​+<​note>​This ​handler ​uses Apache2Filter Module to hide token, prefer [[servertoserver|Handling server webservice calls]] for other servers.</​note>​
  
 ==== Handler parameters ==== ==== Handler parameters ====
Line 39: Line 41:
   * **Attribute to store**: the session key that will be stored in Memcached.   * **Attribute to store**: the session key that will be stored in Memcached.
   * **Protected URLs**: Regexp of URLs for which the secure token will be sent, separated by spaces   * **Protected URLs**: Regexp of URLs for which the secure token will be sent, separated by spaces
-  * **Header name**: name of the HTTP header carrying the secure token.+  * **Header name**: name of the HTTP header carrying ​by the secure token.
   * **Allow requests in error**: allow a request that has generated an error in token generation to be forwarded to the protected application without secure token (default: yes)   * **Allow requests in error**: allow a request that has generated an error in token generation to be forwarded to the protected application without secure token (default: yes)