Example of proxy setup if both external and internal
clients authenticate towards an external Identity Providor.
Red arrows: Authentication
Purple arrows:
Validation and normal transactions after authentication is performed - note that
OAuth will redirect to the system_url.
Example of proxy setup if both external and internal
clients authenticate towards an external Identity Providor. Same as above, but
now with Mobile clients that connects over TAS.
Red
arrows: Authentication
Purple arrows: Validation and normal transactions
after authentication is performed - note that OAuth will redirect to the
system_url.
Example of proxy setup if both external and internal
clients authenticate towards an internal IFS DB Identity Providor.
There are two proxies in this picture, but that means
two URL's are forwarded through the proxy.
Red arrows: Authentication
Purple arrows: Validation and normal transactions
after authentication is performed - note that OAuth will redirect to the
system_url.
Example of proxy setup if both external and
internal clients authenticate towards an internal IFS DB Identity Providor. Here
we added a TAS for mobile clients.
There are
three proxies in this picture, but that means three URL's are forwarded through
the proxy. Note that internal requests that are routed through the external
proxy could/should be whitelisted so that IFS MWS is not unwillingly exposed to
internet.
Red arrows: Authentication
Purple arrows: Validation and normal transactions after authentication is
performed - note that OAuth will redirect to the system_url.
Example of proxy setup if both external and
internal clients authenticate towards an internal IFS DB Identity Providor, but
the internal traffic is not to be routed as external internet traffic. Note IFS
Application only support one system_url. The FQDN of the system_url is the same
on the intranet and internet.
There are two
proxies in this picture, but that means two URL's are forwarded through the
proxy.
Red arrows: Authentication
Purple
arrows: Validation and normal transactions after authentication is performed -
note that OAuth will redirect to the system_url.
Example of proxy setup if both external mobile
clients and internal clients authenticate towards an internal IFS DB Identity
Providor, but the internal client traffic is not to be routed as external
internet traffic. Only the moblie clients are allowed through the external
proxy. Note IFS Application only support one system_url. The FQDN of the
system_url is the same on the intranet and internet hence the certificate on MWS
and Proxy need to be the same.
There are
two proxies in this picture, but that means two URL's are forwarded through the
proxy.
Red arrows: Authentication
Purple
arrows: Validation and normal transactions after authentication is performed -
note that OAuth will redirect to the system_url.
