You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@isis.apache.org by uma narayan <um...@yahoo.com.INVALID> on 2016/08/16 04:54:39 UTC
Apache ISIS - Shiro - CAS Authentication
Hi,
I need to integrate apache isis with shiro-cas. With shiro-cas I was able to authenticate and authorize successfully but still isis login page is presented is to me.
Summarizing my application flow:1. CAS filter re-directs to CAS Login
2. CAS Realm performs authentication and authorization3. Then, apache isis login page is presented again.
On analyzing the source code found that AuthenticatedWebSession is not created. Please provide me a solution to resolve this issue.
Thanks for your help,Uma
Re: Apache ISIS - Shiro - CAS Authentication
Posted by Dan Haywood <da...@haywood-associates.co.uk>.
Hi Uma,
How did you get on with these suggestions?
Also, would you be able to share the code you have (for integrating with
shiro-cas) in case others in the user community have the same use case
Thx
Dan
On 16 August 2016 at 05:54, uma narayan <um...@yahoo.com.invalid>
wrote:
> Hi,
> I need to integrate apache isis with shiro-cas. With shiro-cas I was able
> to authenticate and authorize successfully but still isis login page is
> presented is to me.
>
> Summarizing my application flow:1. CAS filter re-directs to CAS Login
> 2. CAS Realm performs authentication and authorization3. Then, apache isis
> login page is presented again.
>
> On analyzing the source code found that AuthenticatedWebSession is not
> created. Please provide me a solution to resolve this issue.
> Thanks for your help,Uma
>
>
>
Re: Apache ISIS - Shiro - CAS Authentication
Posted by Martin Grigorov <mg...@apache.org>.
Hi,
On Tue, Aug 16, 2016 at 10:16 PM, David Tildesley <
davotnz@yahoo.co.nz.invalid> wrote:
> Hi Uma,
> Just an idea: you could extend org.apache.isis.viewer.wicket.
> viewer.integration.wicket.WebRequestCycleForIsis
> 1. Check for a Wicket Session: org.apache.wicket.protocol.
> http.WebSession.get();
>
Small correction.
Session#get() acts as "get or create".
Use Session#exists() to check whether there is a session or not.
> 2. If none, assume the "container" has authenticated the user so then
> check HttpServletRequest for a remote user (getRemoteUser();)
> 3. If remote user exists then set the user in wicket:
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.get(0.signIn(username,
> ""):
>
> No doubt a few other things to take care of but may be a good starting
> point.
>
> David.
>
> On Tuesday, 16 August 2016 5:04 PM, uma narayan
> <um...@yahoo.com.INVALID> wrote:
>
>
> Hi,
> I need to integrate apache isis with shiro-cas. With shiro-cas I was able
> to authenticate and authorize successfully but still isis login page is
> presented is to me.
>
> Summarizing my application flow:1. CAS filter re-directs to CAS Login
> 2. CAS Realm performs authentication and authorization3. Then, apache isis
> login page is presented again.
>
> On analyzing the source code found that AuthenticatedWebSession is not
> created. Please provide me a solution to resolve this issue.
> Thanks for your help,Uma
>
>
>
>
>
Re: Apache ISIS - Shiro - CAS Authentication
Posted by David Tildesley <da...@yahoo.co.nz.INVALID>.
Hi Uma,
Just an idea: you could extend org.apache.isis.viewer.wicket.viewer.integration.wicket.WebRequestCycleForIsis
1. Check for a Wicket Session: org.apache.wicket.protocol.http.WebSession.get();
2. If none, assume the "container" has authenticated the user so then check HttpServletRequest for a remote user (getRemoteUser();)
3. If remote user exists then set the user in wicket: org.apache.wicket.authroles.authentication.AuthenticatedWebSession.get(0.signIn(username, ""):
No doubt a few other things to take care of but may be a good starting point.
David.
On Tuesday, 16 August 2016 5:04 PM, uma narayan <um...@yahoo.com.INVALID> wrote:
Hi,
I need to integrate apache isis with shiro-cas. With shiro-cas I was able to authenticate and authorize successfully but still isis login page is presented is to me.
Summarizing my application flow:1. CAS filter re-directs to CAS Login
2. CAS Realm performs authentication and authorization3. Then, apache isis login page is presented again.
On analyzing the source code found that AuthenticatedWebSession is not created. Please provide me a solution to resolve this issue.
Thanks for your help,Uma