For application not managing other provider protocols (CAS, OpenID Connect, SAML,...) it is possible to configure LL::NG as a provider of GET parameters:
Danger
Passing such sensitive information can be dangerous. Using other well-known secured protocols is recommended.
There is also the possibility to trigger a logout action by passing the return url , such as http://auth.example.com/get/logout?url=base64(return_url)
In the Manager, go in General Parameters » Issuer modules » GET and configure:
Tip
For example, to allow only users with a strong authentication level:
$authenticationLevel > 2
Then go in Get parameters to define variables to transmit:
For example:
"test1.example.com" => {
"id" => "_session_id",
}
Danger
In the previous example, _session_id is quite sensitive, thus it is encouraged that the application revalidate _session_id using getCookie() SOAP call to avoid some security problems
Tip
If host is not already registered in virtual hosts, you need to declare it in trusted domains to allow redirection