I am currently trying to set up Active Directory authentication between Ignition Perspective projects, meaning you sign into one project, and the initial sign in passes authentication through all projects on a Gateway.
I have the Active Directory authentication set up in the main project and it seems to be working just fine. I have a script on the startup event to pull all projects and their respective URLs from the gateway via a GET HTTP request, which then formats this information into a flex repeater view. For every project/URL it makes a new instance in the flex repeater view with that information, and a button that calls system.perspective.navigate to navigate to that view.
I need to somehow capture the initial login and propagate those credentials throughout all projects, preferably in a secure way.
I have tried making a login screen with two text fields and a button, and using system.security.validateUser with the text fields as parameters for username and password, and that successfully authenticates, but I am not sure how to pass it to other projects in a secure way (no plaintext).
Is this possible in a secure manner? I am aware that Perspective provides a login method but I didn't see any way to pass credentials into that, or store them in a variable for use elsewhere.
You cannot do this within Ignition. It must be done with your Identity Provider, typically some form of single-sign-on feature. You cannot may your own login form(s) for Perspective within Ignition.
Got it. I have setup an Identity Provider which also seems to be working fine. I was suspecting that a login screen wasn't possible and a bad idea within Ignition.
Maybe my initial post wasn't clear enough. I want to get rid of the sign in screen that pops up every time you open a different project in the browser, and just log in once with AD credentials.
Use SSO and then when you re-direct to projects it still goes through the authentication process but since you are using SSO, it signs in and then move to the project.