This project is for the development of a [url removed, login to view] web page that will be used as part of an Active Directory / Single Sign On system.
The [url removed, login to view] page that you develop will be deployed on our client’s web server and be used to remotely authenticate users to our website using information in the client’s Active Directory server. The basic flow of the process is as follows.
1) User attempts to log in on our website
2) User is redirected from our website to the client’s website with a PKI encrypted login request. The login request information has been encrypted using the client’s public PKI key certificate
3) An [url removed, login to view] web page on the client’s site receives the encrypted request
4) The request is un-encrypted using the client’s private PKI key certificate.
5) Upon successful un-encryption of the request the [url removed, login to view] web page displays a web form where the user will enter their Active Directory username and password
6) The [url removed, login to view] web page authenticates the username/password in Active Directory
7) Limited user information such as first name, last name and email address for this user is retrieved from Active Directory
8) The [url removed, login to view] web page encrypts the user information with our public PKI key certificate
9) The user is redirected back to a web page on our website with the PKI encrypted user information and the original login request information
10) Our web site un-encrypts the user information using our private PKI key certificate
11) The user is now logged into our web application
The developer that is selected for this project will be responsible for items 3 through 9. We will provide the required public and private certificates as well as samples of the application written in PHP.