You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@wicket.apache.org by Per Newgro <pe...@gmx.ch> on 2018/03/31 07:25:02 UTC
Google Login with spring boot @WicketApp
Hello,
i would like to replace my local (db-based) login with OAuth Provider
Google.
But so far i could not implement a working solution. The app is
registered at Google.
Client secret and ID are present. But i can not find an example how to
integrate everything in my Wicket App.
Is some1 knowing an example which i can study?
Thanks for your support
Per
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Google Login with spring boot @WicketApp
Posted by Tobias Soloschenko <to...@googlemail.com>.
Thanks a lot for sharing of the Code!
kind regards
Tobias
> Am 12.04.2018 um 23:50 schrieb guillaume.mary <gu...@gmail.com>:
>
> Hi,
>
> I came accross the same problem some months ago (in a more generic way
> because it wasn't targeting Google only).
> I made the choice to use PAC4J to benefit from its principle and algorithm :
> "all you have to do" is to handle page requests and decide wheither or not
> it should be pushed to PAC4J (are all your pages protected ?). You also have
> to understand PAC4J, which is not a simple thing because it doesn't feet
> well with Wicket.
> You must use a "IndirectClient" (PAC4J term) and call :
> - DefaultSecurityLogic to start third party authentication
> - DefaultCallbackLogic to handle callback from the provider, it must be
> mounted on a URL
> - DefaultLogoutLogic for logout, it must be mounted also
>
> I made all of this in the following project :
> https://github.com/tircis/pac4j-wicket
> No release, no example, no doc (but javadoc), sorry.
> You'll have to put a Pac4jRequestCycleListener in your web.xml or
> equivalent, then use the Pac4jApplication or mimic it.
> The scheme is that AuthenticatedWebApplication decides first (according to
> role annotations) if users are loggedIn or not, I mean that URL protection
> is not made by PACJ4. It might be different with Spring boot.
> The project depends on Wicket 8 but it can be reverted to Wicket 7 easily
> (1-2 adjustments to make).
>
> Last, if you have to handle both IndirectClient and DirectClient (not OAuth
> Provider, continue to use your local database), then it' even more
> complicated. In my code I tried to make Wicket SignInPanel feets to PAC4J
> DirectClient, it's not clean because Wicket SignInPanel is coupled to
> AuthenticatedWebSession and made an ugly ThreadLocal for credentials
> short-term storage.
>
> Hope it helps
>
> --
> Sent from: http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
> For additional commands, e-mail: users-help@wicket.apache.org
>
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org
Re: Google Login with spring boot @WicketApp
Posted by "guillaume.mary" <gu...@gmail.com>.
Hi,
I came accross the same problem some months ago (in a more generic way
because it wasn't targeting Google only).
I made the choice to use PAC4J to benefit from its principle and algorithm :
"all you have to do" is to handle page requests and decide wheither or not
it should be pushed to PAC4J (are all your pages protected ?). You also have
to understand PAC4J, which is not a simple thing because it doesn't feet
well with Wicket.
You must use a "IndirectClient" (PAC4J term) and call :
- DefaultSecurityLogic to start third party authentication
- DefaultCallbackLogic to handle callback from the provider, it must be
mounted on a URL
- DefaultLogoutLogic for logout, it must be mounted also
I made all of this in the following project :
https://github.com/tircis/pac4j-wicket
No release, no example, no doc (but javadoc), sorry.
You'll have to put a Pac4jRequestCycleListener in your web.xml or
equivalent, then use the Pac4jApplication or mimic it.
The scheme is that AuthenticatedWebApplication decides first (according to
role annotations) if users are loggedIn or not, I mean that URL protection
is not made by PACJ4. It might be different with Spring boot.
The project depends on Wicket 8 but it can be reverted to Wicket 7 easily
(1-2 adjustments to make).
Last, if you have to handle both IndirectClient and DirectClient (not OAuth
Provider, continue to use your local database), then it' even more
complicated. In my code I tried to make Wicket SignInPanel feets to PAC4J
DirectClient, it's not clean because Wicket SignInPanel is coupled to
AuthenticatedWebSession and made an ugly ThreadLocal for credentials
short-term storage.
Hope it helps
--
Sent from: http://apache-wicket.1842946.n4.nabble.com/Users-forum-f1842947.html
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@wicket.apache.org
For additional commands, e-mail: users-help@wicket.apache.org