===== No-Code integration overview =====
{{:integration:no-code-overview.png?600|}}
  - User opens a web application
  - Apache resolves it with code 401 - unauthenticated
  - [[components:binder|ADUCID Binder]] page is diplayed - it is ADUCID authentication page with login button and QR code
  - As soon as user authenticates page is reloaded and proxypass used to retrieve the back-end application for user
  - Or Apache has to handle 403 Unauthorized - see [[integration:authorization|Authorization in No-Code]]

In Apache configuration just require authentication:
<sxh bash>
require valid user
</sxh>
===== REMOTE_USER or any other attribute =====
User ID is sent to application in header attribute - REMOTE_USER
In ADUCID AIM it is called UDI
As we use Apache you can rename it to anything else - some applications use x-forwarded-user or other user ID

Example how to send X-forwarded-user instead of REMOTE_USER:
<sxh bash>
RewriteEngine On	
RewriteCond %{LA-U:REMOTE_USER} (.+)
RewriteRule .* - [E=RU:%1]
RequestHeader set X-Forwarded-User %{RU}e
</sxh>
===== Security remarks =====
  * Apache has to be accessible only via TLS (https).
  * Back-end application has to be separated and accessible only from Apache (http, ajp, ...)
  * Apache installed for ADUCID shouldn't be used for applications. User another instance of Apache instead.
  * Headers from client are not transported to the back-end as ProxyPass is used (unless you configure Apache to do it)
  * So if users sents REMOTE_USER to Apache, it is wiped out and target application won't see it

===== Technical overview =====
{{:integration:no-code-overview2.png?600|}}

This picture describes internal components of No-Code integration solution.

===== Other topics =====
  * [[nocode:applications|Applications tested with ADUCID No-Code integration yet]]
  * [[nocode:authorization|Authorization in No-code]]
  * [[components:binder|ADUCID Binder]]