Concepts

Overall Architecture

PlugSSO flow

Plug-Front is the frontend component normally running on the same box as reverse proxy e.g. Nginx. Reverse proxy validates all traffic through Plug-Front. Plug-Front communicates with backend component Plug-Back for authentication and authorization. Plug-Back includes the PlugSSO configuration fully synchronized among all nodes.

Frontend and backend can be scaled. Plug-Front always knows all available backend nodes having one of them as elected and automatic failover to the next. Plug-Back is responsible for this election process giving load balancing of backend servers.

User Authentication Flow

PlugSSO flow authentication flow

Last modified April 23, 2020