ForceAuthn and OneTimeUse test scenarios - SSO
The following scenarios demonstrate how forceauthn and onetimeuse work in practice.
Setup 1, three applications
-application 1 - one time use set, (password method)
-application 2 , password method
-application 3 , password method
-No sso session
Case 1 for setup 1:
user logs to application 1
sso asks usename/password
sso forwards user to application 1
user logs to application 2
sso asks username/password
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
case 2 for setup 1:
user logs to application 2
sso asks username/password
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
user logs to application 1
sso forwards user to application 1
case 3 for setup 1:
user logs to application 3
sso asks username/password
sso forwards user to application 3
user logs to application 1
sso forwards user to application 1
user logs to application 2
sso asks username/password
sso forwards user to application 2
Setup 2, three applications:
-application 1 - force authn set, password method
-application 2 , password method
-application 3 , password method
-No sso session
case 1 for setup 2:
user logs to application 1
sso asks usename/password
sso forwards user to application 1
user logs to application 2
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
case 2 for setup 2:
user logs to application 2
sso asks username/password
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
user logs to application 1
sso asks username/password
sso forwards user to application 1
case 3 for setup 2:
user logs to application 3
sso asks username/password
sso forwards user to application 3
user logs to application 1
sso asks username/password
sso forwards user to application 1
user logs to application 2
sso forwards user to application 2
Setup 3, three applications:
-application 1 - force authn set, one time use set , password method
-application 2 , password method
-application 3 , password method
-No sso session
case 1 for setup 3:
user logs to application 1
sso asks usename/password
sso forwards user to application 1
user logs to application 2
sso asks usename/password
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
case 2 for setup 3:
user logs to application 2
sso asks username/password
sso forwards user to application 2
user logs to application 3
sso forwards user to application 3
user logs to application 1
sso asks username/password
sso forwards user to application 1
case 3 for setup 3:
user logs to application 3
sso asks username/password
sso forwards user to application 3
user logs to application 1
sso asks username/password
sso forwards user to application 1
user logs to application 2
sso asks username/password
sso forwards user to application 2