OpenSSO+Spring - an Open Source Community in Action

1 minute read

On Friday morning, Jim Gellman of the Institute for Systems Biology asked a question on the OpenSSO Users mailing list about OpenSSO/Spring Security (formerly known as Acegi) integration:

We’d like to use opensso with an app that’s using Spring Security currently, but we don’t have the resources at the moment to develop a module to do this.

Instead we’re hoping we can use Spring Security’s container adapter for tomcat along with the OpenSSO agent. Does anyone know for sure whether this is a reasonable approach?

Just a few minutes later, Robert Dale of CALGB replied:

I actually have code based on acegi-security 1.0.3 that provides an AuthenticationProvider, LogoutHandler, AuthenticationProcessingFilter, and AuthenticationProcessingFilterEntryPoint. I would be more than happy to donate to OpenSSO extensions if they want it.

How can you refuse an offer like that? Actually, it turns out that Robert had also done some work with Seraph (Atlassian’s security framework, used by Jira and Confluence). So, this morning I created two new ‘Authentication Provider’ OpenSSO Extensions - one for Spring and one for Seraph - and Robert checked in his code. If you’ve been scratching your head, wondering how to integrate OpenSSO with Spring or Seraph, go check ‘em out!



Javier Piscoya

I'm very keen on using OpenSSO with Acegui / Spring Security (have applications secured with both versions). I followed the link to:

However some things seems to be missing, I could get the source code (not via cvs, always timeout when connecting to the server), but not some files like:

Is there a way to get those files?


Pat Patterson

Hi Javier,

I didn't write the Acegi/Spring integration, but if you email the [email protected] mailing list you'll be able to reach people who are working with it. To subscribe:

1. Go to and register for a account.
2. Go to and request 'Observer' role on OpenSSO.
3. Go to and subscribe to '[email protected]'.



Leave a Comment

Your email address will not be published. Required fields are marked *