We're aiming to make some intranet content / intranet sites / intranet webapps accessible via Shotgun using URL Pages (i.e. https://support.shotgunsoftware.com/entries/28798-URL-Pages-Tabs ) In some cases, though, we need to provide user authentication for those internal webapps.
One option is to require users to log in to the linked webapp separately. In my first test case, I discovered that the webapp uses cookies to manage identity, and cookies are not recognised in an embedded iframe (the site complains that cookies are not available and doesn't provide a login function).
Option 2 is to pass on some kind of authentication token from Shotgun (like OAuth maybe?). Is anything like this available? (Obviously we'd then need to confirm that the target site accepts one of the available tokens.)
Option 3 would be to use one of the available user strings as a cheap, (very) low security token - e.g. http://my.intranet/site/?login={current_user.login} - again this relies on the target site accepting this kind of token.
Option 4 is related, which is to just provide anonymous access. This is not preferable, but would be bare-able for an intranet wiki.
I'm a bit worried that almost any webapp will inevitably use cookies to maintain identity, and this means no identity option is really viable.