Skip to content
/ acrolinx-proxy-sample Public

This project can serve as a sample, or demo how to build a proxy suitable for communicating with the Acrolinx server

License

Apache-2.0 license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

acrolinx/acrolinx-proxy-sample

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

296 Commits
.github
.github
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
pom.xml
pom.xml
 
 

Repository files navigation

Acrolinx Single Sign-On Proxy Java Servlet Sample

Demo code for implementing a proxy in a single sign-on environment in Java.

Prerequisites

Please contact Acrolinx Support for consulting and getting your integration certified.

Acrolinx offers different other SDKs, and examples for developing integrations.

Before you start developing your own integration, you might benefit from looking into:

Overview

See: Architecture Diagrams

Configuration of the Sample

Configure the Acrolinx Platform

To enable usage of proxy, contact Acrolinx Support and get the generic token from them.

Configure the Sidebar Integration

In the config.js of your Acrolinx Integration, set the Acrolinx URL to point to the relative proxy path as follows:

serverAddress: '/acrolinx-proxy-sample/proxy'

Make sure:

  • the webserver running the proxy delivers the HTML of the integration.
  • the relative proxy path points to the correct location of your proxy.

See also:

Configure the Proxy

Java Servlet

Configure the Acrolinx URL, username, and generic token in the web.xml file. The parameter names are acrolinxUrl, username, and genericToken.

Test the Sample Proxy

The following command executes a Maven build of the project and then deploys the resulting acrolinx-proxy-sample.war file to a Jetty web server:

mvn jetty:run-war

Once Jetty is up and running, you can then make HTTP requests to test the AcrolinxProxyHttpServlet. The following is an example of such an HTTP request with the help of a curl command:

curl -X POST http://localhost:8080/acrolinx-proxy-sample/proxy/api/v1/auth/sign-ins

Security

Make sure to implement the proxy in a secure way. Especially take care of:

  • The entire authentication is checked in the proxy layer.
  • The username is already authenticated in the system you integrate.
  • The proxy adds the username header and the generic token header.
  • The generic token is kept secret between the system's backend and the Acrolinx Platform.
  • It's impossible to fake a request to the proxy and obtain an authentication token for a different user than the authenticated user.

Connection / TLS / Pitfall

The Acrolinx Platform usually runs on state-of-the-art security standards. Out of the box and HTTP clients might not be able to connect. Make sure that you configured your VM, operating system, and backend to allow connections with modern TLS versions.

Please make sure to test with an appropriate configuration before rollout.

About

This project can serve as a sample, or demo how to build a proxy suitable for communicating with the Acrolinx server

Resources

Readme

License

Apache-2.0 license
Activity
Custom properties

Stars

0 stars

Watchers

14 watching

Forks

2 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 11

Languages