You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@archiva.apache.org by Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br> on 2013/01/03 18:43:46 UTC
How to setup Archiva / Redback to use Servlet Container authentication?
Hello Archiva users and developers,
Is there a way to configure Archiva / Redback to use the Servlet Container
Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva, etc.)
and manage all users via the Containe auth. The main idea is to manage them
to use
My intention is to accept both basic and OpenID authentication in the
container, and I guess this may work for my use case.
Thanks!
--
*Ronoaldo José de Lana Pereira*
Re: How to setup Archiva / Redback to use Servlet Container authentication?
Posted by Olivier Lamy <ol...@apache.org>.
Have a look at UserManager and implementations in redback source code.
Then you will have to implement a RbacManager (see various implementations).
Note: I will change a bit what I did recently for Ldap to implement a
LdapRbacManager (mapping of ldap groups to archiva roles).
BTW feel free to move discussion to dev@
2013/1/10 Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>:
> Thank you Olivier,
>
> I'll take a look at the LDAP implementation (which I'm currently using).
>
> Kind regards,
>
>
> 2013/1/9 Olivier Lamy <ol...@apache.org>
>
>> 2013/1/8 Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>:
>> > Hello Brett,
>> >
>> > Thank you for your quick reply! If you can guide me I will be very happy
>> do
>> > implement this and publish as open source!
>> >
>> > I just found that Tomcat has an SSO Valve, and wold love to be able to
>> use
>> > that solution to single-sigon between my archiva and jenkins war
>> > deployments on a Tomcat instalation. Do you think that this is doable?
>> If I
>> > understood properly, I have to implement the security stuff on the
>> web.xml
>> > plus the archiva user / roles discover mechanism (redback plugin) to
>> trust
>> > the container authentication right?
>> correct.
>> A UserManager implementation.
>> Then an Authorizer (to map roles to you authz mechanism).
>> Maybe have a look at what is done for ldap. I just committed some
>> stuff for that.
>>
>> >
>> > Kind regards!
>> >
>> >
>> >
>> >
>> > 2013/1/3 Brett Porter <br...@apache.org>
>> >
>> >> If I recall, there were some early attempts at this, but nothing present
>> >> in the code at the moment.
>> >>
>> >> Happy to provide some pointers if you would like to help integrate it
>> >> though!
>> >>
>> >> - Brett
>> >>
>> >> On 04/01/2013, at 4:43 AM, Ronoaldo Pereira Oferta Única <
>> >> rpereira@ofertaunica.com.br> wrote:
>> >>
>> >> > Hello Archiva users and developers,
>> >> >
>> >> > Is there a way to configure Archiva / Redback to use the Servlet
>> >> Container
>> >> > Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva,
>> >> etc.)
>> >> > and manage all users via the Containe auth. The main idea is to manage
>> >> them
>> >> > to use
>> >> >
>> >> > My intention is to accept both basic and OpenID authentication in the
>> >> > container, and I guess this may work for my use case.
>> >> >
>> >> > Thanks!
>> >> >
>> >> > --
>> >> > *Ronoaldo José de Lana Pereira*
>> >>
>> >> --
>> >> Brett Porter
>> >> brett@apache.org
>> >> http://brettporter.wordpress.com/
>> >> http://au.linkedin.com/in/brettporter
>> >> http://twitter.com/brettporter
>> >>
>> >>
>> >>
>> >>
>> >>
>> >>
>> >
>> >
>> > --
>> > *Ronoaldo José de Lana Pereira
>> > *Departamento de Tecnologia da Informação
>> >
>> > *Plataforma Oferta Única*
>> > http://www.ofertaunica.com/
>> > São Paulo: (11) 2666-4085 / Ramal 450
>>
>>
>>
>> --
>> Olivier Lamy
>> Talend: http://coders.talend.com
>> http://twitter.com/olamy | http://linkedin.com/in/olamy
>>
>
>
>
> --
> *Ronoaldo José de Lana Pereira
> *Departamento de Tecnologia da Informação
>
> *Plataforma Oferta Única*
> http://www.ofertaunica.com/
> São Paulo: (11) 2666-4085 / Ramal 450
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: How to setup Archiva / Redback to use Servlet Container authentication?
Posted by Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>.
Thank you Olivier,
I'll take a look at the LDAP implementation (which I'm currently using).
Kind regards,
2013/1/9 Olivier Lamy <ol...@apache.org>
> 2013/1/8 Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>:
> > Hello Brett,
> >
> > Thank you for your quick reply! If you can guide me I will be very happy
> do
> > implement this and publish as open source!
> >
> > I just found that Tomcat has an SSO Valve, and wold love to be able to
> use
> > that solution to single-sigon between my archiva and jenkins war
> > deployments on a Tomcat instalation. Do you think that this is doable?
> If I
> > understood properly, I have to implement the security stuff on the
> web.xml
> > plus the archiva user / roles discover mechanism (redback plugin) to
> trust
> > the container authentication right?
> correct.
> A UserManager implementation.
> Then an Authorizer (to map roles to you authz mechanism).
> Maybe have a look at what is done for ldap. I just committed some
> stuff for that.
>
> >
> > Kind regards!
> >
> >
> >
> >
> > 2013/1/3 Brett Porter <br...@apache.org>
> >
> >> If I recall, there were some early attempts at this, but nothing present
> >> in the code at the moment.
> >>
> >> Happy to provide some pointers if you would like to help integrate it
> >> though!
> >>
> >> - Brett
> >>
> >> On 04/01/2013, at 4:43 AM, Ronoaldo Pereira Oferta Única <
> >> rpereira@ofertaunica.com.br> wrote:
> >>
> >> > Hello Archiva users and developers,
> >> >
> >> > Is there a way to configure Archiva / Redback to use the Servlet
> >> Container
> >> > Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva,
> >> etc.)
> >> > and manage all users via the Containe auth. The main idea is to manage
> >> them
> >> > to use
> >> >
> >> > My intention is to accept both basic and OpenID authentication in the
> >> > container, and I guess this may work for my use case.
> >> >
> >> > Thanks!
> >> >
> >> > --
> >> > *Ronoaldo José de Lana Pereira*
> >>
> >> --
> >> Brett Porter
> >> brett@apache.org
> >> http://brettporter.wordpress.com/
> >> http://au.linkedin.com/in/brettporter
> >> http://twitter.com/brettporter
> >>
> >>
> >>
> >>
> >>
> >>
> >
> >
> > --
> > *Ronoaldo José de Lana Pereira
> > *Departamento de Tecnologia da Informação
> >
> > *Plataforma Oferta Única*
> > http://www.ofertaunica.com/
> > São Paulo: (11) 2666-4085 / Ramal 450
>
>
>
> --
> Olivier Lamy
> Talend: http://coders.talend.com
> http://twitter.com/olamy | http://linkedin.com/in/olamy
>
--
*Ronoaldo José de Lana Pereira
*Departamento de Tecnologia da Informação
*Plataforma Oferta Única*
http://www.ofertaunica.com/
São Paulo: (11) 2666-4085 / Ramal 450
Re: How to setup Archiva / Redback to use Servlet Container authentication?
Posted by Olivier Lamy <ol...@apache.org>.
2013/1/8 Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>:
> Hello Brett,
>
> Thank you for your quick reply! If you can guide me I will be very happy do
> implement this and publish as open source!
>
> I just found that Tomcat has an SSO Valve, and wold love to be able to use
> that solution to single-sigon between my archiva and jenkins war
> deployments on a Tomcat instalation. Do you think that this is doable? If I
> understood properly, I have to implement the security stuff on the web.xml
> plus the archiva user / roles discover mechanism (redback plugin) to trust
> the container authentication right?
correct.
A UserManager implementation.
Then an Authorizer (to map roles to you authz mechanism).
Maybe have a look at what is done for ldap. I just committed some
stuff for that.
>
> Kind regards!
>
>
>
>
> 2013/1/3 Brett Porter <br...@apache.org>
>
>> If I recall, there were some early attempts at this, but nothing present
>> in the code at the moment.
>>
>> Happy to provide some pointers if you would like to help integrate it
>> though!
>>
>> - Brett
>>
>> On 04/01/2013, at 4:43 AM, Ronoaldo Pereira Oferta Única <
>> rpereira@ofertaunica.com.br> wrote:
>>
>> > Hello Archiva users and developers,
>> >
>> > Is there a way to configure Archiva / Redback to use the Servlet
>> Container
>> > Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva,
>> etc.)
>> > and manage all users via the Containe auth. The main idea is to manage
>> them
>> > to use
>> >
>> > My intention is to accept both basic and OpenID authentication in the
>> > container, and I guess this may work for my use case.
>> >
>> > Thanks!
>> >
>> > --
>> > *Ronoaldo José de Lana Pereira*
>>
>> --
>> Brett Porter
>> brett@apache.org
>> http://brettporter.wordpress.com/
>> http://au.linkedin.com/in/brettporter
>> http://twitter.com/brettporter
>>
>>
>>
>>
>>
>>
>
>
> --
> *Ronoaldo José de Lana Pereira
> *Departamento de Tecnologia da Informação
>
> *Plataforma Oferta Única*
> http://www.ofertaunica.com/
> São Paulo: (11) 2666-4085 / Ramal 450
--
Olivier Lamy
Talend: http://coders.talend.com
http://twitter.com/olamy | http://linkedin.com/in/olamy
Re: How to setup Archiva / Redback to use Servlet Container authentication?
Posted by Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br>.
Hello Brett,
Thank you for your quick reply! If you can guide me I will be very happy do
implement this and publish as open source!
I just found that Tomcat has an SSO Valve, and wold love to be able to use
that solution to single-sigon between my archiva and jenkins war
deployments on a Tomcat instalation. Do you think that this is doable? If I
understood properly, I have to implement the security stuff on the web.xml
plus the archiva user / roles discover mechanism (redback plugin) to trust
the container authentication right?
Kind regards!
2013/1/3 Brett Porter <br...@apache.org>
> If I recall, there were some early attempts at this, but nothing present
> in the code at the moment.
>
> Happy to provide some pointers if you would like to help integrate it
> though!
>
> - Brett
>
> On 04/01/2013, at 4:43 AM, Ronoaldo Pereira Oferta Única <
> rpereira@ofertaunica.com.br> wrote:
>
> > Hello Archiva users and developers,
> >
> > Is there a way to configure Archiva / Redback to use the Servlet
> Container
> > Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva,
> etc.)
> > and manage all users via the Containe auth. The main idea is to manage
> them
> > to use
> >
> > My intention is to accept both basic and OpenID authentication in the
> > container, and I guess this may work for my use case.
> >
> > Thanks!
> >
> > --
> > *Ronoaldo José de Lana Pereira*
>
> --
> Brett Porter
> brett@apache.org
> http://brettporter.wordpress.com/
> http://au.linkedin.com/in/brettporter
> http://twitter.com/brettporter
>
>
>
>
>
>
--
*Ronoaldo José de Lana Pereira
*Departamento de Tecnologia da Informação
*Plataforma Oferta Única*
http://www.ofertaunica.com/
São Paulo: (11) 2666-4085 / Ramal 450
Re: How to setup Archiva / Redback to use Servlet Container authentication?
Posted by Brett Porter <br...@apache.org>.
If I recall, there were some early attempts at this, but nothing present in the code at the moment.
Happy to provide some pointers if you would like to help integrate it though!
- Brett
On 04/01/2013, at 4:43 AM, Ronoaldo Pereira Oferta Única <rp...@ofertaunica.com.br> wrote:
> Hello Archiva users and developers,
>
> Is there a way to configure Archiva / Redback to use the Servlet Container
> Authentication (Realm)? I want to deploy some apps (Jenkins, Archiva, etc.)
> and manage all users via the Containe auth. The main idea is to manage them
> to use
>
> My intention is to accept both basic and OpenID authentication in the
> container, and I guess this may work for my use case.
>
> Thanks!
>
> --
> *Ronoaldo José de Lana Pereira*
--
Brett Porter
brett@apache.org
http://brettporter.wordpress.com/
http://au.linkedin.com/in/brettporter
http://twitter.com/brettporter