Login screen
Generally we do not want individual applications creating and using their own login screens. It is preferable that you use our central login screen; this is for security and auditing reasons. It also saves you from having to run SSL/HTTPS on your machine (because if you had your own login screen it should have been over HTTPS...!).
If you want to use SSO you'll need to register with us by sending us the following details:
The domain name of the machine that people will be logging into, as seen in the web browser: eg blogs.warwick.ac.uk (not artemis.warwick.ac.uk which is the actual machine)
A human readable name for your service: eg. Warwick Blogs (this will be displayed on the login screen)
Contact name and email address of the person responsible for the service: eg Kieran Shaw, kieran.shaw@warwick.ac.uk
We will in turn then send you a providerId which will then be used to construct a URL like this for your login screen, in this test case: urn:blogs.warwick.ac.uk:blogbuilder:service
https://websignon.warwick.ac.uk/origin/slogin?providerId=urn:blogs.warwick.ac.uk:blogbuilder:service&target=https://blogs.warwick.ac.uk/kieranshaw/
This url will show the following login screen:
Once logged in, the WarwickSSO cookie will be set and the user will be redirected back to your target url which you will have put on the querystring as a url encoded value in the target parameter. In this case that is https://blogs.warwick.ac.uk/kieranshaw/
Once the user arrives back at your application, you just need to read the WarwickSSO cookie and follow the instructions in the interfaces guide to find the user details from that cookie.