Description
Currently, KnoxSSO is constrained to an SP Initiated Flow - meaning, the user must attempt to access a participating application before s/he is redirected to an IdP for authentication.
This restriction has been problematic for some deployments that have multiple tenants or realms since the participating application has only a single URL to redirect to when authentication is required.
This JIRA is an umbrella for a few tasks in order to enable the following:
- A landing page that displays a portal of available Topologies and then services/UIs within each. Need to determine which topologies to inclulde - maybe only those protected by KnoxSSO - which will require some Admin API calls. This will be similar to the Okta portal page with tiles for UIs and Services.
- KnoxSSO protection of the landing page to insure that the user is logged in
- A login form that includes username, password and realm - or perhaps a top level page that requires realm only. This can become the URL that participating application redirect the user to when a new authentication is required.
- Clicking into a Service rather than a UI should result in a REST Client Page where the KnoxSSO token will be presented and results returned in a scrollable textarea or meaningful rendering of JSON in a tree or table.