Transferring sign-in/authentication status to a third party website
We would like to have our members link to outside web sites (for example to access journal article content), using the WA login. The easiest way to do this is using signed linking, which there is no support for in WA. This could also provide a simple mechanism to provide Single Sign-on support using the WA login.
For example, WA should be able to create a link such as:
<a href="pathInfo?originator=originator&identity=identity×tamp=timestamp&token=signature">
Where:
• pathInfo - the destination of the link
• originator - the name of the service generating the signed link. This would be specified in the link settings.
• identity - the identity to which the user will be authenticated. E.g. the identity of the society or the user. (perhaps to be specified by the editor setting up the link)
• timestamp - the timestamp for the signed link, the date and time at which the link will expire. (to specify how long the link should remain valid after creation)
• signature – an MD5 checksum made up of the parameters, the pathInfo, plus a secret pass phrase.
francisew
shared this idea
-
Lori Malone
commented
@ francisew - Have you found a solution to this issue?
