I am setting up an in-house SSO system.
(Constraints related to project partners.)
When an Internet user arrives on the site I must redirect him to the authentication platform to check if he already has an open session.
If it has an open session it is redirected to my site, to a dedicated url, and connected to an appropriate eZ account. (subscriber, unsubscribed, anonymous,…)
This non-blocking URL allows you to read the content of the cookie in order to return it to the www.mysite.fr site and thus in the case where a user has previously been identified from another site, retrieve the user context information.
This call should therefore be made when the site is loaded in the event that the session does not exist, and the cookie is not present or no longer valid. The cookie will contain an expiration data, but can be re-verified via the call to the sso/connect url
The question is therefore to know how to connect into the processing of the Internet user’s requests to choose whether to redirect.
Merci pour votre aide