KeyMaster Architecture

The diagram below shows you how KeyMaster fits in with other Caplin Platform products, inside a web-based trading application.

KeyMaster Architecture diagram revised

You’ll see that KeyMaster works in conjunction with other Caplin components but is also compatible with 3rd party /customer developed software - including SSO and user permissions systems, web applications, and web application servers.

KeyMaster interacts with the other components as follows:

  1. The user runs a web-based trading application by first visiting a page on the trading website and logging in to the service from a computer. It is loaded from a web application server, but the actual trading interaction is carried out with a Liberator server. So that the trading data and transactions do not have to be relayed through the application server, the trading application on the computer obtains trading data directly from the Liberator.

  2. An HTTP request is then made to the application server for authentication. If the user’s credentials are authenticated at the application server and validated at the SSO system, KeyMaster will generate a token.

  3. StreamLink automatically requests this token from KeyMaster when a login request is made to Liberator. StreamLink will then pass the token to Liberator as a request to log in and authenticate. Liberator verifies the authenticity and validity of the token. The token contains a timestamp, so it will eventually expire after a certain period. StreamLink will however request a new token if a full reconnection to the Liberator server is required. This is done inside the StreamLink library.

  4. Upon successful verification by Liberator, real-time trading data and capabilities can now be accessed through Liberator.

And as this is all happening behind the scenes, manual intervention isn’t needed by the user.

See also: