OpenInsight 10 Presentation Server
What is the Presentation Server?
The OpenInsight Presentation Server is a core part of the OpenInsight Development suite. It hosts the OpenEngine virtual machine and provides Basic+ programs with an object based interface to create and manipulate Windows Desktop Applications. As well as providing the capability to create your own applications, the Presentation Server also provides the actual OpenInsight development environment itself, which comprises the IDE and its associated tools. READ ON...
OpenID Connect & O4W
OpenID was designed as an open protocol for single sign on solutions. OpenID clients could redirect users to OpenID providers (such as Google, Yahoo, and many others) for authorization and login; the information returned after successful login could then be associated with an O4W user, or the information for a generic "OpenID user" could then be used for the current session. Note: OpenID has been phased out, or is being phased out, in favor of OpenID Connect by many providers (such as Google).
OpenID Connect Overview
OpenID Connect (OIDC) is the latest framework designed toallow single sign on functionality across the internet. OIDC Providers (such as Google, eBay, AOL,and others) are used to log in and validate users for OIDC clients (also called "Relying Parties"). O4W can act as an OIDC client, allowing developers and site administrators to specify one or more OIDC Providers that they wish to use. If an end user selects to log in with one of the OIDC Providers, they will be prompted to log in (if not already logged in) to the OIDC Provider website, and allow O4W (or another application name, if the developer/site administrator has specified one) access to their user information.
Normally, the developer/site administrator will register their application with the OIDC Provider(s) they wish to support; for example, to use "Login with Google+", the developer must visit Google's "Developers Console" and create a project (currently found at https://console.developers.google.com/project). This is different than the previous version of OpenID, which did not require any "pre-registration"; OIDC requires either pre-registration (or, if the OIDC Provider supports it) dynamic registration, to enhance user security.
As mentioned, OIDC allows for several optional capabilities, which may or may not be supported by a particular OIDC Provider. In addition to dynamic registration, OIDC defines the ability to dynamically resolve which provider should be used by the entry of the end user's email address, or the URL of the OIDC Provider. Note that while O4W includes this functionality, at this time, most providers do not support it.
Become a friend or a follower. Just click the icons to get our RSS Feeds, LinkedIn Profile, Facebook or YouTube page.
|ACID & OpenInsight
Martyn Phillips of RevSoft UK has written an article titled ACID & OpenInsight: Supporting the ACID standards in an OpenInsight based application. ACID stands for Atomicity, Consistency, Isolation and Durability which consist of a set of properties that guarantee that our database transactions are processed reliably. You can download the article HERE.
OpenInsight Authentication Module (OAM)
The OpenInsight Authentication Module (OAM) builds upon the standard OpenInsight security processes and provides additional enhanced industry standard security processes. It is included in OpenInsight 10.0 and above.
The module provides support for login policies including locking out of users after a definable number of unsuccessful attempts, password construction requirements, etc. Sensitive data for policy and user information is stored in AES encrypted records. In addition, the OAM records ("journals") successful and unsuccessful login attempts, changes to policies and changes to user information.
Administrators will configure login policies, and set up user information, for all applications that require this enhanced security. End users will log into enhanced security applications twice - once via the normal OpenInsight log in process, and then through the enhanced security screen. If desired, administrators can hard code the password and application name (in the desktop "shortcut") to remove the end user requirement of logging in via the normal OpenInsight log in process, or - should the network infrastructure support it - Revelation Software recommends that OpenInsight Single Sign-On (SSO) is also enabled for thes systems.