# Web Applications

A web application is an application that can be accessed via the web. The greatest advantage of such applications is ease of access: users need only a browser and do not have to install any other software. Applications follow one of two models: C/S (Client/Server) and B/S (Browser/Server). A B/S application performs access authentication through the web browser.

Web application development mainly consists of two parts. The first is front-end development, implemented primarily with HTML, JavaScript, and Vue, and executed and displayed in the browser. The second is server-side back-end development, mainly done with languages and platforms such as Java, .NET, PHP, Node.js, and Python.

# Authentication Integration Protocols

Bamboo Cloud IDaaS Identity Cloud Platform supports integration with multiple authentication protocols. Web applications can leverage IDaaS to complete authentication integration quickly and efficiently. Developers can comprehensively evaluate factors such as the authentication protocols already supported by the application system and the difficulty of development to choose a suitable authentication protocol.

| Supported Protocol | Usage Scenario | Recommendation |
| --- | --- | --- |
| OAuth2 Authentication | This mode is the most secure and most commonly used for web application integration. It uses the OAuth2 standard authorization code flow. After user authorization, a temporary code is obtained, and the application exchanges the code for a token. | ⭐⭐⭐⭐⭐ |
| OIDC Authentication | OIDC is a next-generation identity authentication standard protocol based on the OAuth2 protocol. OIDC provides third-party applications with user identity authentication information in the form of an ID token. After the third-party application successfully verifies the signature of the ID token, it can parse it to obtain the logged-in user information. If the application developer is familiar with OIDC-related technologies, this protocol can be adopted. | ⭐⭐⭐⭐ |
| SAML Authentication | SAML is an XML-based federated authentication standard protocol. The SAML standard defines Identity Providers (IDP) and Service Providers (SP) to solve identity authentication and single sign-on across application systems in different domains. It is mainly used in web applications. However, the rules defined by the protocol are relatively complex, posing significant development challenges for application developers. Therefore, it is rarely adopted for integration within internally developed enterprise systems and is more commonly used in mainstream large-scale commercial application systems. | ⭐⭐ |
| CAS Authentication | CAS is a single sign-on (SSO) protocol for the B/S architecture, but it addresses relatively simple and narrow scenarios. There are not many applications on the market that implement the CAS protocol. We do not recommend this protocol. | |
| WS-Fed Authentication | This standard is based on SOAP. Although the protocol is powerful and considers details comprehensively, its implementation tends to be heavy. It is prioritized only when integration with Microsoft services is required. | |
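
The application side of the OAuth2 authorization code flow described above, as an added example (not Bamboo Cloud's code). The endpoint URLs, client ID and the `begin_login` / `handle_callback` names are hypothetical; the request parameters are the standard ones from RFC 6749. It shows the `state` check that binds the returned code to the session that started the login, before the code is exchanged for a token.

```python
import hmac
import secrets
import time
from urllib.parse import parse_qs, urlencode, urlparse

# Hypothetical values: use the endpoints and client ID issued for your own tenant.
AUTHORIZE_URL = "https://idaas.example.com/oauth2/authorize"
TOKEN_URL = "https://idaas.example.com/oauth2/token"
CLIENT_ID = "demo-client-id"
REDIRECT_URI = "https://app.example.com/callback"
STATE_TTL = 300  # seconds a login attempt stays valid


def begin_login(session: dict) -> str:
    """Step 1: store a fresh state in the user's session and return the redirect URL."""
    state = secrets.token_urlsafe(32)
    session["oauth_state"] = (state, time.time() + STATE_TTL)
    return AUTHORIZE_URL + "?" + urlencode({
        "response_type": "code",
        "client_id": CLIENT_ID,
        "redirect_uri": REDIRECT_URI,
        "state": state,
    })


def handle_callback(session: dict, callback_url: str) -> dict:
    """Step 2: validate the callback and return the form body for the token request."""
    params = {k: v[0] for k, v in parse_qs(urlparse(callback_url).query).items()}
    # The state is single use: remove it from the session before any check can fail.
    expected, expires = session.pop("oauth_state", ("", 0.0))
    if "error" in params:
        raise PermissionError("authorization failed: " + params["error"])
    returned = params.get("state", "")
    if not expected or not hmac.compare_digest(expected.encode(), returned.encode()):
        raise PermissionError("state mismatch: callback does not belong to this session")
    if time.time() > expires:
        raise PermissionError("login attempt expired")
    if not params.get("code"):
        raise PermissionError("missing authorization code")
    # Step 3: the back end POSTs this body to TOKEN_URL with its client
    # authentication, so the code-for-token exchange never passes through the browser.
    return {
        "grant_type": "authorization_code",
        "code": params["code"],
        "redirect_uri": REDIRECT_URI,
        "client_id": CLIENT_ID,
    }
```
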