You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@shiro.apache.org by jleleu <le...@gmail.com> on 2012/07/01 14:43:54 UTC
Complete CAS remember-me support
Hi Les,
I was preparing a demo on CAS support for Shiro :
https://github.com/leleuj/cas-shiro-demo and I did realize the remember-me
feature is not fully addressed.
One use case is missing : if the user is already remembered (by CAS) and
want to be authenticated, it should be redirected to CAS server with a
specific parameter (renew=true) to force CAS re-authentication.
For this use case, I created a CasAuthenticatedUserFilter which checks if
the user is authenticated (not remembered) and sends him to the CAS server
if he's not (with the specific parameter to force re-authentication if he's
already remembered).
I created a JIRA SHIRO-373 and attached the SVN patch.
I'm waiting for your feedback.
Thanks.
Best regards,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by Les Hazlewood <lh...@apache.org>.
On Wed, Jul 25, 2012 at 11:04 AM, jleleu <le...@gmail.com> wrote:
> Hi,
>
> Thanks for making things clear. As I saw the same source code in buji-cas as
> in shiro-cas, I was a bit confused on the strategy.
This was unfortunate. I think Jason automatically put *all* support
modules in buji 'just in case'. Things that are currently in Shiro's
support modules will stay in Shiro's support modules until the dev
team discusses otherwise.
> So here is my official proposal / request to Shiro's dev team :
> - can we remove CAS support from Shiro core and move it into buji-cas ?
> - can I get the lead on the buji-cas extension (meaning commit access on
> buji-cas) as I know both CAS and Shiro and as I'm willing to maintain and
> improve this extension ?
I don't know that it makes sense to move CAS just yet. Let's get some
open discussion on this first.
Thanks again for the feedback - this is helpful!
Best,
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk
Re: Complete CAS remember-me support
Posted by jleleu <le...@gmail.com>.
Hi,
Thanks for making things clear. As I saw the same source code in buji-cas as
in shiro-cas, I was a bit confused on the strategy.
>From my point of view, it's hard for the Shiro's dev team to maintain and
follow my requests about CAS support. Today, I'm asking for updating
remember-me (SHIRO-373) and it's not an easy topic, but tomorrow I'm pretty
sure I will need to address auto-login, proxy mode... Working on CAS support
for Shiro requires to know both CAS and Shiro.
So here is my official proposal / request to Shiro's dev team :
- can we remove CAS support from Shiro core and move it into buji-cas ?
- can I get the lead on the buji-cas extension (meaning commit access on
buji-cas) as I know both CAS and Shiro and as I'm willing to maintain and
improve this extension ?
Thanks.
Best regards,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577614.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by Jared Bunting <ja...@peachjean.com>.
Thanks for the explanation Les. I must have missed the other thread.
Anyways, I like the idea.
-Jared
On Sat 21 Jul 2012 05:32:11 PM CDT, Les Hazlewood wrote:
> This was posted on another email thread on Shiro's dev list, but I'll
> cross post here due to wanting to be extremely clear about Buji:
>
> I created the Buji project on a whim last week as a playground of
> sorts for people (including me) wishing to work on things at their own
> pace, without the need to sync w/ the Shiro development team or the
> dev team's timelines or goals. People like GitHub a lot, so they can
> use it if they want. And for reference, 'buji', pronounced "boo jee",
> is a Japanese word for 'safety', paying homage to Shiro's target space
> and Japanese-themed name.
>
> What is important to note here is that there is nothing about Buji
> that is 'official' from a Shiro dev team (or Apache) perspective. I
> created it with the expectation that it is 100% for community-led and
> community-supported extensions - people can do whatever they want with
> it and the Shiro team has no official involvement (and therefore no
> official ASF guarantees, which every Apache project makes). My vision
> was that it can be identical in concept the WicketStuff project and
> how that project functions in relation to Apache Wicket, and just see
> what happens.
>
> That being said, I personally like the idea and I'll probably use it
> myself for things that may not make sense to be in the core Shiro
> project.
>
> There has been NO discussion with the Shiro team about removing
> anything that is currently in Shiro and moving it to Buji at all.
> Again, Buji was just my own simple idea for the community to play with
> and has zero 'official' impact on Shiro's development practices. If
> the Shiro development team wants to migrate code from Apache Shiro to
> Buji because we don't want to officially maintain something anymore,
> that will be discussed by the dev team. So far there hasn't been any
> such communication or desire.
>
> Again, let me reiterate: Apache Shiro is an official Apache Top Level
> Project, and all efforts supported by the official Apache Shiro team
> will (and will always) be done at Apache. The Buji project conversely
> is a playground to be used by the wider/general open source community
> at their own discretion and without official ASF support or
> IP/licensing guarantees therein. Use it and/or contribute to it at
> your own discretion based on your needs/desires.
>
> Best,
>
> --
> Les Hazlewood | @lhazlewood
> CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
> Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk
>
> On Fri, Jul 20, 2012 at 4:15 AM, jleleu <le...@gmail.com> wrote:
>> No problem. Let's wait for the big picture.
>> If you have some time, I think you should start by the bug referenced in
>> https://issues.apache.org/jira/browse/SHIRO-376.
>> Thanks,
>> Jérôme
>>
>>
>>
>>
>> --
>> View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577551.html
>> Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by Les Hazlewood <lh...@apache.org>.
This was posted on another email thread on Shiro's dev list, but I'll
cross post here due to wanting to be extremely clear about Buji:
I created the Buji project on a whim last week as a playground of
sorts for people (including me) wishing to work on things at their own
pace, without the need to sync w/ the Shiro development team or the
dev team's timelines or goals. People like GitHub a lot, so they can
use it if they want. And for reference, 'buji', pronounced "boo jee",
is a Japanese word for 'safety', paying homage to Shiro's target space
and Japanese-themed name.
What is important to note here is that there is nothing about Buji
that is 'official' from a Shiro dev team (or Apache) perspective. I
created it with the expectation that it is 100% for community-led and
community-supported extensions - people can do whatever they want with
it and the Shiro team has no official involvement (and therefore no
official ASF guarantees, which every Apache project makes). My vision
was that it can be identical in concept the WicketStuff project and
how that project functions in relation to Apache Wicket, and just see
what happens.
That being said, I personally like the idea and I'll probably use it
myself for things that may not make sense to be in the core Shiro
project.
There has been NO discussion with the Shiro team about removing
anything that is currently in Shiro and moving it to Buji at all.
Again, Buji was just my own simple idea for the community to play with
and has zero 'official' impact on Shiro's development practices. If
the Shiro development team wants to migrate code from Apache Shiro to
Buji because we don't want to officially maintain something anymore,
that will be discussed by the dev team. So far there hasn't been any
such communication or desire.
Again, let me reiterate: Apache Shiro is an official Apache Top Level
Project, and all efforts supported by the official Apache Shiro team
will (and will always) be done at Apache. The Buji project conversely
is a playground to be used by the wider/general open source community
at their own discretion and without official ASF support or
IP/licensing guarantees therein. Use it and/or contribute to it at
your own discretion based on your needs/desires.
Best,
--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk
On Fri, Jul 20, 2012 at 4:15 AM, jleleu <le...@gmail.com> wrote:
> No problem. Let's wait for the big picture.
> If you have some time, I think you should start by the bug referenced in
> https://issues.apache.org/jira/browse/SHIRO-376.
> Thanks,
> Jérôme
>
>
>
>
> --
> View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577551.html
> Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by jleleu <le...@gmail.com>.
No problem. Let's wait for the big picture.
If you have some time, I think you should start by the bug referenced in
https://issues.apache.org/jira/browse/SHIRO-376.
Thanks,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577551.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by Jared Bunting <ja...@peachjean.com>.
Yeah, I see this buji project and am curious about the intention there as
well. I can see the argument for not including oauth client support in
shiro, but I don't see the same thing being applicable with CAS. I'll have
a look at your patch today, just been a bit busy this summer.
-Jared
On Jul 20, 2012 2:10 AM, "jleleu" <le...@gmail.com> wrote:
> Hi Jared,
>
> You should ask Les about this. He's leading Shiro, I'm just trying to
> help...
>
> During six months, I proposed to add OAuth client support to Shiro without
> success. Then, thanks to Jason, we created buji-oauth as a Shiro extension
> :
> https://github.com/bujiio/buji-oauth.
>
> If you look at bujiio : https://github.com/bujiio, you will find many
> other
> extensions : buji-cas, buji-guice, buji-openid... with the same source code
> (except pom.xml) as you can find on SVN.
>
> So that's why I think CAS support could be removed from Shiro core and put
> into buji-cas extension, to ease lifecycle, additions of new features
> (github vs SVN)...
>
> And as this buji-cas extension is not finished, I'm just trying / proposing
> to help on this : I feel concerned because I proposed this CAS support and
> I
> am a CAS commiter.
>
> Best regards,
> Jérôme
>
>
>
>
> --
> View this message in context:
> http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577548.html
> Sent from the Shiro Developer mailing list archive at Nabble.com.
>
Re: Complete CAS remember-me support
Posted by jleleu <le...@gmail.com>.
Hi Jared,
You should ask Les about this. He's leading Shiro, I'm just trying to
help...
During six months, I proposed to add OAuth client support to Shiro without
success. Then, thanks to Jason, we created buji-oauth as a Shiro extension :
https://github.com/bujiio/buji-oauth.
If you look at bujiio : https://github.com/bujiio, you will find many other
extensions : buji-cas, buji-guice, buji-openid... with the same source code
(except pom.xml) as you can find on SVN.
So that's why I think CAS support could be removed from Shiro core and put
into buji-cas extension, to ease lifecycle, additions of new features
(github vs SVN)...
And as this buji-cas extension is not finished, I'm just trying / proposing
to help on this : I feel concerned because I proposed this CAS support and I
am a CAS commiter.
Best regards,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577548.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by Jared Bunting <ja...@peachjean.com>.
Why would we remove CAS support from shiro proper?
-Jared
On 07/19/2012 01:49 PM, jleleu wrote:
> Hi Les,
>
> I finally found the buji-cas project. But it doesn't seem to be finished.
>
> I can't build it due to some missing version, there is no documentation,
> package names are not io.buji.* like in buji-oauth...
>
> Is it planned (and if so, when ?) to remove CAS support from Shiro core and
> to publish buji-cas as the official CAS support extension ?
>
> Thanks.
> Best regards,
> Jérôme
>
>
> --
> View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577545.html
> Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by jleleu <le...@gmail.com>.
Hi Les,
I finally found the buji-cas project. But it doesn't seem to be finished.
I can't build it due to some missing version, there is no documentation,
package names are not io.buji.* like in buji-oauth...
Is it planned (and if so, when ?) to remove CAS support from Shiro core and
to publish buji-cas as the official CAS support extension ?
Thanks.
Best regards,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577545.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
Re: Complete CAS remember-me support
Posted by jleleu <le...@gmail.com>.
Hi,
I don't know if you have been able to take a look at this also.
Maybe It could help if I moved my public CAS demo from github to samples in
Shiro...
Best regards,
Jérôme
--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577501.html
Sent from the Shiro Developer mailing list archive at Nabble.com.