Front single sign on interface

This article will introduce the single sign on interface supported by the product.

Note: we provide the official interface related to the sail soft single point, and only solve the problems related to the invocation of the official interface. If the user has any error other than the interface during the actual operation, please contact the technical personnel of the user company for troubleshooting.

The user name, password and other information need to be placed behind the URL for login verification. In combination with iframe or Ajax, the cross domain single sign on behavior of the foreground can be realized. It only needs to add the call of this interface on the user's login page, and no adaptation is required in the background. The account and password of the user system shall be the same as the account and password of fansoft platform.

1. interface introduction

There are two methods for FineReport to realize foreground single sign on: iframe method and Ajax method.

Regardless of the login method, the finereport report report system provides a unified interface for users. The interface is as follows:

http://localhost:8080/webroot/decision/login/cross/domain?fine_username=XX&fine_password=XX&validity=
-2&callback=

The parameter description is shown in the following table:

Enter the URL in the browser:http://localhost:37799/webroot/decision/login/cross/domain?validity=-1&fine_username=account number&fine_password=passwordIf success is returned, the single point interface call is successful, as shown in the figure:

2. other instructions

Other descriptions are as follows:

• This interface can be used not only for single sign on, but also for user-defined login. For more interface contents, please refer to the online interface document of the decision platform.

• The button named "content sniffing attack protection" needs to be turned off on the platform. If it is an embedded iframe, the button "click hijacking attack protection" needs to be turned off. See: safety protection for button introduction

• The token returned by login is stored in the cookie. Ensure that the browser does not disable the token. OA or other systems in the same domain cannot set the cookie to HttpOnly.

• Since the user information is on the url, URL characters may appear. It is recommended to use encodeURIComponent for encoding once. For details of encoding conversion, see: encoding conversion.

• For some IE browsers, you need to add the target site to the trusted list.

3. difference between Ajax and iframe

Both iframe mode and Ajax mode can realize cross domain single sign on, but Ajax can realize asynchronous single sign on and process the verification results of the report system, such as login timeout; However, iframe cannot be processed asynchronously, and the verification results cannot be processed during report verification.