<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN">
<html>
<head>
<meta http-equiv="content-type" content="text/html; charset=ISO-8859-1">
</head>
<body bgcolor="#ffffff" text="#000000">
Hello<br>
<br>
We would like to use OpenID authentication.<br>
But our system has two servers, not one: a Front-end provides
analysis and a user interface, and a Back-end stores the data in a
database and makes it available through a Web API.<br>
<br>
Thus, a user interacts with our system like this:<br>
Browser &lt;-&gt; Front-end &lt;-&gt; Back-end with Web API<br>
<br>
It seems that an easy way for us to use OpenID would be for the
Back-end to act as a Relying Party and the Front-end to simply
forward all OpenID protocol requests between the Browser and the
Back-end. That is, <br>
the Front-end will perform 7.1. Initiation (sections from <a
href="http://openid.net/specs/openid-authentication-2_0.html">OpenID
Authentication 2.0</a>), and keep that connection open<br>
the Front-end will forward the OpenID URL provided by the user to a
service on the Back-end, and keep that connection open<br>
the Back-end then runs the OpenID protocol; the Front-end acts as a
tunnel between the Browser and the Back-end; it forwards all
responses it receives from the Back-end to the Browser, and forwards
all responses it receives from the Browser to the Back-end (it would
be easy to do this with raw socket level code; I'm unsure of how to
do it inside a servlet)<br>
When the Front-end receives a Positive Assertion or a Negative
Assertion it will <br>
<br>
Does this make sense?<br>
Is there a better way to accomplish what I want to do?<br>
Does an existing implementation in Java exist that I could use?<br>
<br>
Thanks<br>
A<br>
<br>
<div class="moz-signature">-- <br>
Senior Research Scientist<br>
Computational Biology<br>
Memorial Sloan-Kettering Cancer Center<br>
<a href="http://www.cbioportal.org/">cBio Cancer Genomics Portal</a></div>
</body>
</html>