Skip credential form on authentication (FBA)

  • 4 May 2016
  • 1 reply
  • 3 views


I'm working on a case where I need to integrate a K2 form into another application. The concept of this solution is that the main application has some fields that are required. To get to these fields a user needs to authenticate first. After the required fields have been filled and submitted, a K2 form is shown on that same page. The problem is that we do not want to ask the user for credentials again. All suggestions on how to best implement this are welcome. We want to work with K2 having Forms Based Authentication enabled. Some thoughts of my own so far:

  1. To skip the K2 authentication form by posting the credentials directly to some URL, which otherwise would have been done by the login form. Although I have seen this before, I'm not sure if the K2 implementation allows for this as well. Any thoughts on this idea are welcome.
  2. To authenticate somewhere else (an API?) that provides a token that can be supplied to the K2 form. I'm just not sure what API I need to use, and how to implement that on the form.

1 reply


Hi Danny,

 

To achieve this functionality, you are going to have to transition to an authentication mechanism that is common (shared) to both your custom application and K2 smartforms. Since you are wanting to use a forms based mechanism of authentication, the most "out of the box" way to achieve this would be to add ADFS to your authentication scheme, assuming the custom app can also be configured to use ADFS.

One of the things that many fail to realize is that ADFS is not just for Active Directory. You can add additional user stores (including SQL) to ADFS to authenticate users. Once a user is authenticated against ADFS for one application, the transition to the other application (in this case smartforms) is practically seamless since both use the same claims token. Additionally, ADFS can be configured to use forms based authentication.

The moral of the story is that you will have to come up with some means of authentication that both systems can honor and recognize that authentication has already occurred. This isn't to say you couldn't find some other means, but the most direct and supported way to bridge the authentication divide would be a lightweight ADFS implementation.

Hope this helps.

 

S.
