Operating scenarios

This page describes the various operating scenarios that are possible with the Identity Service in combination with con terra Technologies products and which settings must be set.

Identical host with different paths

In this scenario, the Identity Service and the con terra Technologies product (e.g. map.apps) are operated on the same host with different paths.

Examples:

Identity Service: https://www.example.com/identity
map.apps: https://www.example.com/mapapps

This scenario does not require any separate adjustment of the configuration of the Identity Service or the con terra Technologies product.

Different host names under one domain

In this scenario, the Identity Service and the con terra Technologies product (e.g. map.apps) are operated on different hosts under the same domain.

Examples:

Identity Service: https://identiy.example.com
map.apps: https://mapapps.example.com

You must use the following properties for this scenario:

Identity Service

The cookie domain must be set to the domain used via the security.session.cookieDomain setting.

Example Identity Service application.properties

security.login.redirect.trusted.hosts=mapapps.example.com
cors.allowed.origins=https://mapapps.example.com
security.session.cookieDomain=example.com

This setting refers to the application.properties file of the Identity Service.

map.apps

In addition to the settings to be used according to the documentation, the URL of the Identity Service must be listed in the cors.request.trustedServers property.

Example map.apps application.properties

security.mode=IDENTITY
security.login.base=https://identiy.example.com
cors.request.trustedServers=https://identiy.example.com

These settings refer to the application.properties file of map.apps.

Different domains

The use of Identity Service with con terra Technologies products that are accessible via different domains is not supported.