# SSO HTML Site Structure
## Purpose
The files in this folder can be used as a template for building customized
landing and response pages for single sign on authentication services.
## Usage
These example files are equivalent to the built-in site structure in the
priint:comet InDesign Plug-Ins.
You can override certain files or the entire site structure by copying the
'login' folder into the Plug-In installation directory.
This allows to customize LAF of the login redirection and response pages
## Mandatory Files
**For SSO Logins the installation of PubServer 4.2.3136 is mandatory!**
Some files are mandatory. If they don't exist in the login folder, the built
in version of these files will be used.
* landing.html: called first. Purpose is to redirect to the authentication
service. This file should contain the "meta http-equiv"
header and / or initiate javascript redirection.
Also a 'cancel' button is nice to have, in case the user
entered an invalid address and doesn't want to wait until
connection times out.
* accept.html: called, when the authentication service accepts login.
There are no special requirements for this page. You should
avoid referring to further resources (css files, images etc.)
in this file,. because immediately after delivering this file,
the local webservice is shut down, i.e.: no further requests
will be served.
* denied.html: called, when the authentication service denies login.
There are no special requirements for this page. You should
avoid referring to further resources (css files, images etc.)
in this file,. because immediately after delivering this file,
the local webservice is shut down, i.e.: no further requests
will be served.
* cancel.html: called, when the user cancels authentication.
There are no special requirements for this page. You should
avoid referring to further resources (css files, images etc.)
in this file,. because immediately after delivering this file,
the local webservice is shut down, i.e.: no further requests
will be served.
* test.html: this page is shown, when you enter 'test' in the Server input
field in the login dialog.
Purpose is to test the SSO Plug-In implementation. The values
usually provided by the authentication service can here just
be entered manually
* 400.html, 404.html, index.html: error pages for Bad Request resp., Not Found
and general fallback page.
* details.html Not mandatory. This file shows some request / response details
and is included by all default (built-in) pages.
## Special Directives
The local callback service supports some processing instructions:
${_KEYNAME_}: these are placeholders mainly for string resources, see list
below
: sections enclosed by these special formatted XML / HTML
comments marks are invisible in plain HTML (because
commented out), but will be visible in the page delivered
by the server, because these marks will just be removed
/*--@ ... @--*/ same for .js / .css files
... sections enclosed by these marks are visible in plain
HTML, but will be removed in the page delivered by the
server
/*--*/ ... /*-/-*/ same for .js / .css files
@{resource-path} include a file hosted on the local callback server.
Resource path is the relative path within tje login folder,
e.g. 'css/main.css' will point to 'login/css/main.css'
@b64{resource-path} include a file hosted on the local callback server in
BASE64 encoding. Same rules as for plain text includes
## Translation Keys
The following keys will automatically be translated to the corresponding string
resource or value from context. Some may not be available in all pages, e.g.
the 'SERVER' key is only set in accept page and code or message only in the
denied page.
* ${REDIRECT_TO} short title for the redirect page
* ${REDIRECT_HINT} more verbos information about redirection
* ${REDIRECT_CLICK} label for the 'Redirect' button
* ${LOGIN_CANCEL} label fot the 'Cancel' button
* ${LOGIN_CANCELED} short title, when login has been canceled
* ${LOGIN_CANCELED_HINT} more verbose information about cancel
* ${SHOW_DETAILS} label for the 'Details' link
* ${LOGIN_ACCEPTED} short title, when login has been accepted
* ${LOGIN_ACCEPTED_HINT} more verbose information about accept
* ${LOGIN_DENIED} short title, when login has been denied
* ${LOGIN_DENIED_HINT} more verbose information, when login was denied
* ${AUTH_SERVICE} full address of the authentication service
* ${REDIRECT_LOCATION} like AUTH_SERVICE plus referrerPort parameter
* ${LOCAL_SERVICE} full address of the local callback server
* ${REQUEST_IN} the request sent from client / browser
* ${REQUEST_PATH} cleaned / secured path calculated on server
* ${RESOURCE_PATH} path of the resource
* ${SELF} local callback server address + path
* ${PLUGIN_VERSION} version of the priint:comet Plug-Ins
* ${PLUGIN_REVISION} revision of the priint:comet Plug-Ins
* ${SERVER} server address of CometBridge as provided by
the authentication server
* ${PROJECT} identifier of comet project as provided by the
authentication server
* ${LOGIN} login name as provided by the authentication
server
* ${LANGUAGE} session language as provided by the auth server
* ${SESSIONID} session id as provided by the auth server
* ${CODE} error code (if denied) as provided by the
authentication server
* ${MESSAGE} error message (if denied) as provided by the
authentication server