OpenSSO+Spring - an Open Source Community in Action
On Friday morning, Jim Gellman of the Institute for Systems Biology asked a question on the OpenSSO Users mailing list about OpenSSO/Spring Security (formerly known as Acegi) integration:
We’d like to use opensso with an app that’s using Spring Security currently, but we don’t have the resources at the moment to develop a module to do this.
Instead we’re hoping we can use Spring Security’s container adapter for tomcat along with the OpenSSO agent. Does anyone know for sure whether this is a reasonable approach?
Just a few minutes later, Robert Dale of CALGB replied:
I actually have code based on acegi-security 1.0.3 that provides an AuthenticationProvider, LogoutHandler, AuthenticationProcessingFilter, and AuthenticationProcessingFilterEntryPoint. I would be more than happy to donate to OpenSSO extensions if they want it.
How can you refuse an offer like that? Actually, it turns out that Robert had also done some work with Seraph (Atlassian’s security framework, used by Jira and Confluence). So, this morning I created two new ‘Authentication Provider’ OpenSSO Extensions - one for Spring and one for Seraph - and Robert checked in his code. If you’ve been scratching your head, wondering how to integrate OpenSSO with Spring or Seraph, go check ‘em out!
Comments
Robert Dale
Actually, I'm of CALGB - http://www.calgb.org
Thanks.
Pat Patterson
Fixed - thanks for the correction, Robert.
Javier Piscoya
Hi,
I'm very keen on using OpenSSO with Acegui / Spring Security (have applications secured with both versions). I followed the link to: https://opensso.dev.java.net/public/extensions/#authnproviders
However some things seems to be missing, I could get the source code (not via cvs, always timeout when connecting to the server), but not some files like:
AMConfig.properties
applicationContext-acegi-security.xml
pom.xml
Is there a way to get those files?
Cheers,
Javier
Pat Patterson
Hi Javier,
I didn't write the Acegi/Spring integration, but if you email the [email protected] mailing list you'll be able to reach people who are working with it. To subscribe:
1. Go to https://www.dev.java.net/servlets/Join and register for a java.net account.
2. Go to https://opensso.dev.java.net/servlets/ProjectMembershipRequest and request 'Observer' role on OpenSSO.
3. Go to https://opensso.dev.java.net/servlets/ProjectMailingListList and subscribe to '[email protected]'.
Cheers,
Pat
Leave a Comment
Your email address will not be published. Required fields are marked *