You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@roller.apache.org by David Castañeda <da...@gmail.com> on 2006/12/16 19:53:13 UTC
Integrate authentication with container
Can anybody give me a light on how to use roller in a "Container Managed
Security" way????
does anybody did this before... ???
Regards,
--
David Castañeda R.
Re: Integrate authentication with container
Posted by David Castañeda <da...@gmail.com>.
YEs initially we thought aout this solution but we are working with a legacy
SSO solution that's implemented by another company...
On 12/18/06, Matt Raible <mr...@gmail.com> wrote:
>
> Have you thought of using a single sign-on solution like Yale's CAS -
> this might make it easier. Acegi integrates with CAS quite easily
> (though I've heard, never done it myself).
>
> http://www.ja-sig.org/products/cas/
>
> What you're doing will probably work, but using CAS is likely a more
> robust solution.
>
> Matt
>
> On 12/18/06, David Castañeda <da...@gmail.com> wrote:
> > Hi Matt, OK I think that now I need another hand on this... :$
> >
> > So after reading the acegi reference manual I'm planning to implement my
> > case as follows...
> >
> > I'll create another filter CookieBasedFilter and a provider
> > CookieBasedProvider the idea is that if the request to the server gets
> with
> > this cookie I'll authenticate based on cookie parameters and make an
> > Authentication object available for authorization purposes..
> >
> > I'm modifying roller security.xml to ....
> >
> > ==============================================================
> > <bean id="filterChainProxy"
> > class="org.acegisecurity.util.FilterChainProxy">
> > <property name="filterInvocationDefinitionSource">
> > <value>
> > CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> > PATTERN_TYPE_APACHE_ANT
> >
> >
> **=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,
> >
> cookieBasedFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
> > </value>
> > </property>
> > </bean>
> >
> > <bean id="authenticationManager"
> > class="org.acegisecurity.providers.ProviderManager">
> > <property name="providers">
> > <list>
> > <ref local="daoAuthenticationProvider"/>
> > <ref
> > local="anonymousAuthenticationProvider"/>
> > <ref local="
> > cookieBasedAuthenticationProvider"/>
> > <!-- rememberMeAuthenticationProvider added
> > programmatically -->
> > </list>
> > </property>
> > </bean>
> >
> > <bean id="cookieBasedAuthenticationProvider"
> > class="
> org.apache.roller.ui.core.security.CookieBasedAuthenticationProvider">
> >
> > </bean>
> >
> > <!-- ===================== COOKIE ==================== -->
> > <bean id="CookieBasedFilter"
> > class="org.apache.roller.ui.core.security.CookieBasedFilter">
> > <property name="authenticationManager"
> ref="authenticationManager"/>
> > </bean>
> >
> > ===============================================
> > The rest is unmodified... at this point have you any suggestion in this
> > approach ... ??? or better do you know about a reference about
> something
> > similar to this.
> >
> > Again, thanks a lot for your help...
> >
> > PD... I'm reattaching the conversation to roller mail list
> >
>
>
> --
> http://raibledesigns.com
>
--
David Castañeda R.
Re: Integrate authentication with container
Posted by Matt Raible <mr...@gmail.com>.
Have you thought of using a single sign-on solution like Yale's CAS -
this might make it easier. Acegi integrates with CAS quite easily
(though I've heard, never done it myself).
http://www.ja-sig.org/products/cas/
What you're doing will probably work, but using CAS is likely a more
robust solution.
Matt
On 12/18/06, David Castañeda <da...@gmail.com> wrote:
> Hi Matt, OK I think that now I need another hand on this... :$
>
> So after reading the acegi reference manual I'm planning to implement my
> case as follows...
>
> I'll create another filter CookieBasedFilter and a provider
> CookieBasedProvider the idea is that if the request to the server gets with
> this cookie I'll authenticate based on cookie parameters and make an
> Authentication object available for authorization purposes..
>
> I'm modifying roller security.xml to ....
>
> ==============================================================
> <bean id="filterChainProxy"
> class="org.acegisecurity.util.FilterChainProxy">
> <property name="filterInvocationDefinitionSource">
> <value>
> CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
> PATTERN_TYPE_APACHE_ANT
>
> **=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,
> cookieBasedFilter,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
> </value>
> </property>
> </bean>
>
> <bean id="authenticationManager"
> class="org.acegisecurity.providers.ProviderManager">
> <property name="providers">
> <list>
> <ref local="daoAuthenticationProvider"/>
> <ref
> local="anonymousAuthenticationProvider"/>
> <ref local="
> cookieBasedAuthenticationProvider"/>
> <!-- rememberMeAuthenticationProvider added
> programmatically -->
> </list>
> </property>
> </bean>
>
> <bean id="cookieBasedAuthenticationProvider"
> class="org.apache.roller.ui.core.security.CookieBasedAuthenticationProvider">
>
> </bean>
>
> <!-- ===================== COOKIE ==================== -->
> <bean id="CookieBasedFilter"
> class="org.apache.roller.ui.core.security.CookieBasedFilter">
> <property name="authenticationManager" ref="authenticationManager"/>
> </bean>
>
> ===============================================
> The rest is unmodified... at this point have you any suggestion in this
> approach ... ??? or better do you know about a reference about something
> similar to this.
>
> Again, thanks a lot for your help...
>
> PD... I'm reattaching the conversation to roller mail list
>
--
http://raibledesigns.com
Re: Integrate authentication with container
Posted by David Castañeda <da...@gmail.com>.
Hi Matt, OK I think that now I need another hand on this... :$
So after reading the acegi reference manual I'm planning to implement my
case as follows...
I'll create another filter CookieBasedFilter and a provider
CookieBasedProvider the idea is that if the request to the server gets with
this cookie I'll authenticate based on cookie parameters and make an
Authentication object available for authorization purposes..
I'm modifying roller security.xml to ....
==============================================================
<bean id="filterChainProxy" class="org.acegisecurity.util.FilterChainProxy">
<property name="filterInvocationDefinitionSource">
<value>
CONVERT_URL_TO_LOWERCASE_BEFORE_COMPARISON
PATTERN_TYPE_APACHE_ANT
**=httpSessionContextIntegrationFilter,authenticationProcessingFilter,rememberMeProcessingFilter,channelProcessingFilter,remoteUserFilter,
cookieBasedFilter
,anonymousProcessingFilter,exceptionTranslationFilter,filterInvocationInterceptor
</value>
</property>
</bean>
<bean id="authenticationManager" class="
org.acegisecurity.providers.ProviderManager">
<property name="providers">
<list>
<ref local="daoAuthenticationProvider"/>
<ref local="anonymousAuthenticationProvider"/>
<ref local="cookieBasedAuthenticationProvider"/>
<!-- rememberMeAuthenticationProvider added programmatically
-->
</list>
</property>
</bean>
<bean id="cookieBasedAuthenticationProvider" class="
org.apache.roller.ui.core.security.CookieBasedAuthenticationProvider">
</bean>
<!-- ===================== COOKIE ==================== -->
<bean id="CookieBasedFilter" class="
org.apache.roller.ui.core.security.CookieBasedFilter">
<property name="authenticationManager" ref="authenticationManager"/>
</bean>
===============================================
The rest is unmodified... at this point have you any suggestion in this
approach ... ??? or better do you know about a reference about something
similar to this.
Again, thanks a lot for your help...
PD... I'm reattaching the conversation to roller mail list
Re: Integrate authentication with container
Posted by Matt Raible <mr...@gmail.com>.
If you use Roller's API to create your users, you should be able to
assign them a blog and such. I believe there's previous threads in
the archives that show how to do this.
Matt
On 12/16/06, David Castañeda <da...@gmail.com> wrote:
> The case is that we have another application with users and each user will
> get a blog... so we need to create the user and the blog pragmatically from
> our application and latter allows roller to authenticate against our
> application when the user try to reach a roller URL directly,,
>
> our application will use a custom SSO
>
> I really appreciate any help on this.. because I spend my day reading acegi
> tutorials but still can't find a starting point.
>
> Regards,
>
>
> On 12/16/06, Matt Raible <mr...@gmail.com> wrote:
> > What type of integration are you hoping to do? Single-signon type of
> > functionality or something else?
> >
> > Matt
> >
> > On 12/16/06, David Castañeda < davidecr@gmail.com> wrote:
> > > thnaks matt currently I'm learning acegi in order to correctly implement
> the
> > > required functionality inside my app.... my question was if it was
> possible
> > > to integrate the new roller 3 (Acegi) with another application using
> > > container authentication and authorization.
> > >
> > > Meanwhile I'll keep my efforts on learning acegi... as it seems a little
> bit
> > > hard task.
> > >
> > >
> > > Thanks again,
> > >
> > >
> > >
> > >
> > > On 12/16/06, Matt Raible <mr...@gmail.com> wrote:
> > > > We used to use Container Managed Security, but changed to using Acegi
> > > > Security since it provided all the same features + more.
> > > >
> > > > Matt
> > > >
> > > > On 12/16/06, David Castañeda <davidecr@gmail.com > wrote:
> > > > > Can anybody give me a light on how to use roller in a "Container
> > > Managed
> > > > > Security" way????
> > > > >
> > > > > does anybody did this before... ???
> > > > >
> > > > > Regards,
> > > > >
> > > > > --
> > > > > David Castañeda R.
> > > > >
> > > > >
> > > >
> > > >
> > > > --
> > > > http://raibledesigns.com
> > > >
> > >
> > >
> > >
> > > --
> > > David Castañeda R.
> >
> >
> > --
> > http://raibledesigns.com
> >
>
>
>
> --
> David Castañeda R.
--
http://raibledesigns.com
Re: Integrate authentication with container
Posted by Matt Raible <mr...@gmail.com>.
What type of integration are you hoping to do? Single-signon type of
functionality or something else?
Matt
On 12/16/06, David Castañeda <da...@gmail.com> wrote:
> thnaks matt currently I'm learning acegi in order to correctly implement the
> required functionality inside my app.... my question was if it was possible
> to integrate the new roller 3 (Acegi) with another application using
> container authentication and authorization.
>
> Meanwhile I'll keep my efforts on learning acegi... as it seems a little bit
> hard task.
>
>
> Thanks again,
>
>
>
>
> On 12/16/06, Matt Raible <mr...@gmail.com> wrote:
> > We used to use Container Managed Security, but changed to using Acegi
> > Security since it provided all the same features + more.
> >
> > Matt
> >
> > On 12/16/06, David Castañeda <da...@gmail.com> wrote:
> > > Can anybody give me a light on how to use roller in a "Container
> Managed
> > > Security" way????
> > >
> > > does anybody did this before... ???
> > >
> > > Regards,
> > >
> > > --
> > > David Castañeda R.
> > >
> > >
> >
> >
> > --
> > http://raibledesigns.com
> >
>
>
>
> --
> David Castañeda R.
--
http://raibledesigns.com
Re: Integrate authentication with container
Posted by David Castañeda <da...@gmail.com>.
thnaks matt currently I'm learning acegi in order to correctly implement the
required functionality inside my app.... my question was if it was possible
to integrate the new roller 3 (Acegi) with another application using
container authentication and authorization.
Meanwhile I'll keep my efforts on learning acegi... as it seems a little bit
hard task.
Thanks again,
On 12/16/06, Matt Raible <mr...@gmail.com> wrote:
>
> We used to use Container Managed Security, but changed to using Acegi
> Security since it provided all the same features + more.
>
> Matt
>
> On 12/16/06, David Castañeda <da...@gmail.com> wrote:
> > Can anybody give me a light on how to use roller in a
> "Container Managed
> > Security" way????
> >
> > does anybody did this before... ???
> >
> > Regards,
> >
> > --
> > David Castañeda R.
> >
> >
>
>
> --
> http://raibledesigns.com
>
--
David Castañeda R.
Re: Integrate authentication with container
Posted by Matt Raible <mr...@gmail.com>.
We used to use Container Managed Security, but changed to using Acegi
Security since it provided all the same features + more.
Matt
On 12/16/06, David Castañeda <da...@gmail.com> wrote:
> Can anybody give me a light on how to use roller in a "Container Managed
> Security" way????
>
> does anybody did this before... ???
>
> Regards,
>
> --
> David Castañeda R.
>
>
--
http://raibledesigns.com