Hi team,

I have integrated my Spring Security based web application with a CAS server and it works fine. Now I am trying to implement Facebook login in it, so I did the required configuration on the CAS server side, and in the standalone CAS server it is working OK.

But I am facing a problem in the integration of Facebook login via CAS into the Spring Security based web app.

When a user visits the site, the homepage is displayed, on which there is a link for sign in. On clicking it, the user is redirected to the CAS login page, on which there is an option to log in with Facebook. When the user clicks on the "login with fb" link, the Facebook login page is displayed, the user enters credentials, and the user is redirected back to our web application.

After the redirection I want to invoke facebookAuthenticationFilter, in which we have implemented code to get the fb unique id. But I am not able to invoke it, and while debugging I found that control is going to the authenticationProviderFacebook bean.

My Spring Security configuration is mentioned below.

    <security:http entry-point-ref="casEntryPoint" auto-config="true">
        <security:intercept-url pattern="/home" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <security:intercept-url pattern="/login" access="ROLE_USER" />
        <security:intercept-url pattern="/*.html" access="IS_AUTHENTICATED_ANONYMOUSLY" />
        <security:intercept-url pattern="/*.do" access="ROLE_USER" />
        <security:custom-filter position="CAS_FILTER" ref="casFilter" />
        <security:custom-filter before="FORM_LOGIN_FILTER" ref="facebookAuthenticationFilter" />
        <security:logout
            logout-success-url="${cas.server.url}/logout?service=${application.service.url}/home"
            invalidate-session="true"/>
    </security:http>

    <bean id="casEntryPoint"
          class="org.springframework.security.cas.web.CasAuthenticationEntryPoint">
        <property name="loginUrl" value="${cas.server.url}/login"/>
        <property name="serviceProperties" ref="serviceProperties"/>
    </bean>

    <security:authentication-manager alias="authenticationManager">
        <security:authentication-provider ref="casAuthenticationProvider" />
        <security:authentication-provider ref="authenticationProviderFacebook" />
    </security:authentication-manager>

    <bean id="casAuthenticationProvider"
          class="org.springframework.security.cas.authentication.CasAuthenticationProvider">
        <property name="authenticationUserDetailsService">
            <bean class="org.springframework.security.core.userdetails.UserDetailsByNameServiceWrapper">
                <constructor-arg ref="userDetailsService" />
            </bean>
        </property>
        <property name="serviceProperties" ref="serviceProperties" />
        <property name="ticketValidator">
            <bean class="org.jasig.cas.client.validation.Cas20ServiceTicketValidator">
                <constructor-arg index="0" value="${cas.server.url}" />
            </bean>
        </property>
        <property name="key" value="cas"/>
    </bean>

    <bean id="userDetailsService"
          class="com.nihilent.venice.web.security.authenticationProvider.UserDetailServiceImpl">
        <property name="loginService" ref="loginService" />
    </bean>

    <bean id="serviceProperties"
          class="org.springframework.security.cas.ServiceProperties">
        <property name="service"
                  value="${application.service.url}/j_spring_cas_security_check"/>
        <property name="sendRenew" value="false"/>
    </bean>

    <bean id="facebookAuthenticationFilter"
          class="com.nihilent.venice.web.security.filter.CASFacebookAuthenticationFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationSuccessHandler" ref="facebookAuthenticationSuccessHandler" />
        <property name="authenticationFailureHandler" ref="authenticationFailureHandler"></property>
    </bean>

    <bean id="authenticationProviderFacebook"
          class="com.nihilent.venice.web.security.authenticationProvider.FacebookAuthenticationProvider">
        <property name="roles" value="ROLE_FACEBOOK_USER" />
    </bean>

    <bean id="facebookAuthenticationSuccessHandler"
          class="com.nihilent.venice.web.security.handlers.VeniceFacebookAuthenticationSuccessHandler">
        <property name="registrationService" ref="facebookRegistrationService" />
        <property name="facebookHelper" ref="facebookHelper" />
    </bean>

    <bean id="facebookHelper"
          class="com.nihilent.venice.web.util.impl.FacebookHelperImpl" />

And CASFacebookAuthenticationFilter.java has the code below.

    import java.io.IOException;
    import javax.servlet.ServletException;
    import javax.servlet.http.HttpServletRequest;
    import javax.servlet.http.HttpServletResponse;
    import org.springframework.security.authentication.AuthenticationManager;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter;

    public class CASFacebookAuthenticationFilter extends AbstractAuthenticationProcessingFilter {

        /** The Constant DEFAULT_FILTER_PROCESS_URL. */
        public static final String DEFAULT_FILTER_PROCESS_URL = "/j_spring_facebook_security_check";

        /**
         * Instantiates a new venice facebook authentication filter.
         */
        protected CASFacebookAuthenticationFilter() {
            super(DEFAULT_FILTER_PROCESS_URL);
        }

        /*
         * (non-Javadoc)
         *
         * @see org.springframework.security.web.authentication.AbstractAuthenticationProcessingFilter#attemptAuthentication(javax.servlet.http.HttpServletRequest, javax.servlet.http.HttpServletResponse)
         */
        public Authentication attemptAuthentication(HttpServletRequest req,
                HttpServletResponse res) throws AuthenticationException,
                IOException, ServletException {
            HttpServletRequest request = req;
            HttpServletResponse response = res;
            System.out.println("------VENICE VeniceFacebookAuthenticationFilterppppp-------");
            // The Facebook unique id is read from the "uid" request parameter.
            Long uid = null;
            if (request.getParameter("uid") != null &&
                    !"".equals(request.getParameter("uid"))) {
                uid = Long.valueOf(request.getParameter("uid"));
            }
            FacebookAuthenticationToken token = new FacebookAuthenticationToken(uid);
            token.setDetails(authenticationDetailsSource.buildDetails(request));
            AuthenticationManager authenticationManager = getAuthenticationManager();
            Authentication authentication = authenticationManager.authenticate(token);
            return authentication;
        }
    }

where FacebookAuthenticationToken is a custom class which extends AbstractAuthenticationToken and its methods.

And FacebookAuthenticationProvider has the logic below.

    import java.util.ArrayList;
    import java.util.List;
    import org.springframework.security.authentication.AuthenticationCredentialsNotFoundException;
    import org.springframework.security.authentication.AuthenticationProvider;
    import org.springframework.security.authentication.BadCredentialsException;
    import org.springframework.security.core.Authentication;
    import org.springframework.security.core.AuthenticationException;
    import org.springframework.security.core.authority.GrantedAuthorityImpl;

    public class FacebookAuthenticationProvider implements AuthenticationProvider {

        /**
         * Instantiates a new facebook authentication provider.
         */
        public FacebookAuthenticationProvider() {
        }

        /*
         * (non-Javadoc)
         * @see org.springframework.security.authentication.AuthenticationProvider#authenticate(org.springframework.security.core.Authentication)
         */
        public Authentication authenticate(Authentication authentication) throws AuthenticationException {
            FacebookAuthenticationToken facebookAuthentication =
                    (FacebookAuthenticationToken) authentication;
            System.out.println("---Facebook --UUID-" + facebookAuthentication.getUid());
            if (authentication instanceof FacebookAuthenticationToken) {
                facebookAuthentication = (FacebookAuthenticationToken) authentication;
                //FacebookAuthenticationToken facebookAuthentication = (FacebookAuthenticationToken) authentication;
                if (facebookAuthentication.getUid() == null)
                    throw new BadCredentialsException("User not authenticated through facebook");
                if (roles == null)
                    roles = new String[0];
                // Build the granted authorities from the configured role names.
                List authorities = new ArrayList();
                String arr$[] = roles;
                int len$ = arr$.length;
                for (int i$ = 0; i$ < len$; i$++) {
                    String role = arr$[i$];
                    authorities.add(new GrantedAuthorityImpl(role));
                }
                FacebookAuthenticationToken succeedToken = new
                        FacebookAuthenticationToken(facebookAuthentication.getUid(), authorities);
                succeedToken.setDetails(authentication.getDetails());
                return succeedToken;
            } else {
                throw new AuthenticationCredentialsNotFoundException("Credential not Found:::fdfdf");
            }
        }

        /*
         * (non-Javadoc)
         * @see org.springframework.security.authentication.AuthenticationProvider#supports(java.lang.Class)
         */
        public boolean supports(Class authentication) {
            boolean supports = true;// FacebookAuthenticationToken.isAssignableFrom(authentication);
            return supports;
        }

        /**
         * Sets the roles.
         *
         * @param roles the new roles
         */
        public void setRoles(String roles[]) {
            this.roles = roles;
        }

        /**
         * Gets the roles.
         *
         * @return the roles
         */
        public String[] getRoles() {
            return roles;
        }

        /** The roles. */
        private String roles[];
    }

Any help/hint will be greatly appreciated.
Thanks and Regards,
Rohit Kotecha
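
An added example, not part of the original post or the poster's project: an AuthenticationProvider for this setup whose supports() claims only its own token type and whose authenticate() checks the type before casting, so tokens meant for casAuthenticationProvider are never handled by it. ScopedFacebookProvider and FbToken are hypothetical names, FbToken's shape is an assumption standing in for the post's FacebookAuthenticationToken, and Spring Security 3.x is assumed on the classpath.

```java
import java.util.List;
import org.springframework.security.authentication.AbstractAuthenticationToken;
import org.springframework.security.authentication.AuthenticationProvider;
import org.springframework.security.authentication.BadCredentialsException;
import org.springframework.security.core.Authentication;
import org.springframework.security.core.AuthenticationException;
import org.springframework.security.core.GrantedAuthority;
import org.springframework.security.core.authority.AuthorityUtils;

public class ScopedFacebookProvider implements AuthenticationProvider {

    /** Hypothetical stand-in for the post's FacebookAuthenticationToken (assumed shape). */
    public static class FbToken extends AbstractAuthenticationToken {
        private final Long uid;
        public FbToken(Long uid) {                       // unauthenticated request token
            super(AuthorityUtils.NO_AUTHORITIES);
            this.uid = uid;
        }
        public FbToken(Long uid, List<GrantedAuthority> authorities) {
            super(authorities);
            this.uid = uid;
            setAuthenticated(true);                      // result token only
        }
        public Object getCredentials() { return ""; }
        public Object getPrincipal() { return uid; }
        public Long getUid() { return uid; }
    }

    private String[] roles = new String[0];

    public void setRoles(String[] roles) { this.roles = roles == null ? new String[0] : roles; }

    // ProviderManager asks supports() first and skips providers that answer false,
    // so CAS and form-login tokens never reach authenticate() here.
    public boolean supports(Class<?> authentication) {
        return FbToken.class.isAssignableFrom(authentication);
    }

    public Authentication authenticate(Authentication authentication) throws AuthenticationException {
        if (!(authentication instanceof FbToken)) return null;   // check before casting
        FbToken request = (FbToken) authentication;
        // In the post the uid comes from a request parameter, so it is
        // client-supplied input and not by itself proof of a Facebook login.
        if (request.getUid() == null) {
            throw new BadCredentialsException("User not authenticated through facebook");
        }
        FbToken result = new FbToken(request.getUid(), AuthorityUtils.createAuthorityList(roles));
        result.setDetails(request.getDetails());
        return result;
    }
}
```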