CWAA

CWAA is a framework designed to make it possible for a protected resource to delegate user authentication to a third-party, for example, an already existing authentication system. The primary goal is to avoid having to share sensitive data (ie passwords) between domains.

The role of CWAA is only to provide authentication (transport identity) to a protected resource, not authorization (if the remote user have access to the resource). Besides identity transport there is a limited possibility to transfer other attributes.

CWAA transport the authentication data with url rewrite and url redirect though the clients web-browser and thus no connection between the authentication server and the protected resource is needed.

Read more on the CWAA website länk till annan webbplats (mostly in swedish).

There are additional information in the documents section.

Share |

Anpassa webbplatsen | Webbkarta | Om webbplatsen

Kontakta sidansvarig