帮助中心主页
RDS 多机器人调度系统
关于RDS系统
安装与部署
双机热备
Rose 热备
SyncService双机热备介绍
Windows 热备
使用说明
开发与集成
最佳实践
RDS 协议选型指导
RDS脚本方法字典
任务
发送 HTTP 请求
注册方法(在 boot() 函数中调用)
Modbus Tcp
Melsec
S7
MQTT
程序升级与问题处理
常见问题
RDS Single Sign-On (SSO)
RDS supports SSO, enable this feature in the configuration file application.yml
and complete the relevant parameters.
Before Using
- SSO feature Based On OAuth2.
- Requesting Grant Type: Authorization Code.
- HTTP authentication header: Basic, a request contains a header field in the form of Authorization:
Basic <credentials>
, where credentials is the Base64 encoding of ID and password joined by a single colon:
. - Ensure that the RDS server has access to the Authorization Server over network to exchange token and user information.
Configuration
yaml
oauth:
enable: false
authorizationUri:
tokenUri:
userInfoUri:
userAttributeName:
admins: bob,scott
loginWithUserEnable: false
clientId:
clientSecret:
<span data-lake-id="u039bbb83" id="u039bbb83" class="lake-fontsize-12" style="color: #DF2A3F">scope</span>: profile openid
<span data-lake-id="ub578f780" id="ub578f780" class="lake-fontsize-12" style="color: #DF2A3F">grantType</span>: authorization_code
<span data-lake-id="u6ce83fc4" id="u6ce83fc4" class="lake-fontsize-12" style="color: #DF2A3F">resType</span>: code
redirectBaseUri: http://127.0.0.1:8080
logoutUrl:
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
2
3
4
5
6
7
8
9
10
11
12
13
14
15
parameter description:
- enable: the default is false.
- authorizationUri: the URI for RDS to request authorization code, provided by the user of RDS.
- tokenUri: the URI for RDS to request access token, provided by the user of RDS.
- userInfoUri:the URI for RDS to request user information, provided by the user of RDS.
- userAttributeName: the JSON key for username(user information is in JSON format), the JSON value will be used to register as RDS user, provided by the user of RDS.
- admins: a set of usernames with administrator privileges , separated by
,
commas, provided by the user of RDS. - loginWithUserEnable: the default is false, which means the first SSO login will register successfully but can not access RDS except the
admins
specified above, unless theadmins
ENABLEother users in the RDS USER Menu. With the value true all users can access RDS. - clientId: RDS client id, provided by the user of RDS.
- clientSecret: RDS client secret, provided by the user of RDS.
- scope: the value of
profile openid
is recommended, which allows RDS to access user's basic profile information。 - grantType: OAuth2 grant types, only
authorization_code
supported currently. - resType: the same as last parameter
grantType
, for some Authorization Server like PingFederate,resType
is required, and in RDS only the valuecode
supported currently. - redirectBaseUri: RDS server URL, like:
http://127.0.0.1:8080
orhttp://server-domain.com
. - logoutUrl: the logout URL of SSO, provided by the user of RDS if exists.
最近更新 2023/02/03
感谢反馈
有帮助
感谢反馈
没帮助