You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@tomcat.apache.org by Kevin Edward <ke...@gmail.com> on 2023/04/07 12:25:55 UTC

Tomcat needs an authenticator valve for OpenID/MSAL!

Tomcat community,

We have been using keycloak tomcat valves for SAML, but now we are moving
to OpenID.

Who in the tomcat community can create/support a tomcat authenticator valve
using the MSAL library?

I have the example authentication servlet working for MSAL below. Seems it
could be easily converted to a tomcat authenticator valve:

https://github.com/Azure-Samples/ms-identity-msal-java-samples/tree/main/3.%20Java%20Servlet%20Web%20App%20Tutorial/1-Authentication/sign-in

Thank you for any and all help!
K

AW: Tomcat needs an authenticator valve for OpenID/MSAL!

Posted by "Keil, Matthias (ORISA Software GmbH)" <Ma...@orisa.de>.

Hello 


> -----Ursprüngliche Nachricht-----
> Von: Kevin Edward <ke...@gmail.com>
> Gesendet: Freitag, 7. April 2023 14:26
> An: users@tomcat.apache.org
> Betreff: Tomcat needs an authenticator valve for OpenID/MSAL!
> 
> Tomcat community,
> 
> We have been using keycloak tomcat valves for SAML, but now we are
> moving to OpenID.
> 
> Who in the tomcat community can create/support a tomcat authenticator
> valve using the MSAL library?
> 
> I have the example authentication servlet working for MSAL below. Seems it
> could be easily converted to a tomcat authenticator valve:
> 
> https://github.com/Azure-Samples/ms-identity-msal-java-
> samples/tree/main/3.%20Java%20Servlet%20Web%20App%20Tutorial/1-
> Authentication/sign-in
> 
> Thank you for any and all help!
> K
[>] 

Instead of using a valve, I have had good experiences with Open ID Connect and JASPIC.

Here is an example: https://tomcat.apache.org/tomcat-9.0-doc/config/jaspic.html#Philip_Green_II's_module_for_Google_OAuth_2 

When using JASPIC you can use the tomcat mechanisms for authentication and authorization.

Greetings

Matthias