I will write an article on how to do it. thanks, dimuthu
On Mon, Mar 19, 2012 at 1:33 PM, Dimuthu Leelarathne <[email protected]>wrote: > Hi Samisa, > > OpenIDConsumer is our realm for authenticating users. We need to write a > sample on how to do it. > > thanks, > dimuthu > > > On Mon, Mar 19, 2012 at 11:24 AM, Samisa Abeysinghe <[email protected]>wrote: > >> Folks, did we ever make any more progress on this? >> >> >> On Thu, Oct 20, 2011 at 10:16 AM, Dimuthu Leelarathne >> <[email protected]>wrote: >> >>> Hi, >>> >>> Furthermore after doing this Google setup feature I gained more insight >>> view on how things should be. I discovered how flexible and powerful >>> how OpenIDConsumer is. It is like our OpenID realm. >>> >>> tx, >>> dimuthu >>> >>> >>> On Thu, Oct 20, 2011 at 10:06 AM, Dimuthu Leelarathne <[email protected] >>> > wrote: >>> >>>> Hi, >>>> >>>> This is how I see it. >>>> >>>> Ingrating Basic Auth with OpenID is not something straight forward. >>>> Basic auth sends 401 status code to browser and OpenID is totally different >>>> thing. So I think integrating Basic Auth with OpenID is not a practical >>>> thing. >>>> >>>> However whenever someone want to use OpenID logins with Carbon >>>> framework, they can use OpenIDConsumer and do it in 10 lines of java code. >>>> 5 lines to redirect - and 5 lines to verify. >>>> >>>> My point of view is latter is the proper way. >>>> >>>> thanks, >>>> dimuthu >>>> >>>> On Thu, Oct 20, 2011 at 9:10 AM, Samisa Abeysinghe <[email protected]>wrote: >>>> >>>>> What is the ETA for this? I need this very badly, for some wso2.comtenant >>>>> apps. >>>>> >>>>> Also, do we have a workaround for role based auth, till we get this >>>>> done? >>>>> >>>>> >>>>> On Fri, Sep 23, 2011 at 12:33 PM, Dimuthu Leelarathne < >>>>> [email protected]> wrote: >>>>> >>>>>> Hi, >>>>>> >>>>>> On Fri, Sep 23, 2011 at 12:13 PM, Muhammed Shariq <[email protected]>wrote: >>>>>> >>>>>>> Hi Thilina, >>>>>>> >>>>>>> This discussion surfaced in one of the reviews and DimuthuL has >>>>>>> already created a Stratos Jira at [1] to track this requirement. It says >>>>>>> GoogleAppTomcatRealm, wonder if it could be OpenIdTomcatRealm? That way >>>>>>> we >>>>>>> can support multiple open id providers. >>>>>>> >>>>>>> [1] - https://wso2.org/jira/browse/STRATOS-890 >>>>>>> >>>>>>> >>>>>>> >>>>>> Yes. This JIRA was intended to implement this feature. I will try to >>>>>> implement the feature for 1.5.3. >>>>>> >>>>>> thanks, >>>>>> dimuthu >>>>>> >>>>>> >>>>>> >>>>>>> On Fri, Sep 23, 2011 at 12:05 PM, Samisa Abeysinghe < >>>>>>> [email protected]> wrote: >>>>>>> >>>>>>>> This problem surfaced when we tried to deploy WSO2 WES app onto >>>>>>>> wso2.com tenant, which is authenticated with Google auth. >>>>>>>> >>>>>>>> Good that we found this limitation. Can we fix this for 1.5.3 >>>>>>>> release the right way, and till then we can live with the proposed >>>>>>>> workaround. >>>>>>>> >>>>>>>> >>>>>>>> On Fri, Sep 23, 2011 at 12:00 PM, Thilina Buddhika < >>>>>>>> [email protected]> wrote: >>>>>>>> >>>>>>>>> Hi Folks, >>>>>>>>> >>>>>>>>> At the moment, we facilitate a securing mechanism for web apps >>>>>>>>> deployed under tenants based on HTTP Basic Auth and Form Auth. We >>>>>>>>> have overridden the default in-memory realm of Tomcat with >>>>>>>>> CarbonTomcatRealm which will authenticate users against the Carbon >>>>>>>>> user >>>>>>>>> store. So this model works fine as far as all the user credentials are >>>>>>>>> stored in the Carbon user store. >>>>>>>>> >>>>>>>>> In the case of the tenants which are authenticated through Google >>>>>>>>> Auth, this model does not work. Because we use Google as the Identity >>>>>>>>> Provider and we do not store credentials for that users. >>>>>>>>> >>>>>>>>> There are two approaches to address this issue. >>>>>>>>> >>>>>>>>> - Implementing the webapp in a way that it can act as an OpenID >>>>>>>>> relying party which can authenticate users using their OpenIDs >>>>>>>>> - Implementing a OpenID realm which can perform the OpenID >>>>>>>>> authentication on behalf of the webapp and making it a part of the >>>>>>>>> Carbon >>>>>>>>> Core. >>>>>>>>> >>>>>>>>> From these two the latter approach is the correct way of >>>>>>>>> implementing this. >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>>> Thilina >>>>>>>>> >>>>>>>>> -- >>>>>>>>> Thilina Buddhika >>>>>>>>> Associate Technical Lead >>>>>>>>> WSO2 Inc. ; http://wso2.com >>>>>>>>> lean . enterprise . middleware >>>>>>>>> >>>>>>>>> phone : +94 77 44 88 727 >>>>>>>>> blog : http://blog.thilinamb.com >>>>>>>>> >>>>>>>>> _______________________________________________ >>>>>>>>> Stratos-dev mailing list >>>>>>>>> [email protected] >>>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/stratos-dev >>>>>>>>> >>>>>>>>> Thanks, >>>>>>>> Samisa... >>>>>>>> >>>>>>>> Samisa Abeysinghe >>>>>>>> VP Engineering >>>>>>>> WSO2 Inc. >>>>>>>> http://wso2.com >>>>>>>> http://wso2.org >>>>>>>> >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Stratos-dev mailing list >>>>>>>> [email protected] >>>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/stratos-dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> >>>>>>> -- >>>>>>> Thanks, >>>>>>> Shariq. >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Stratos-dev mailing list >>>>>>> [email protected] >>>>>>> https://wso2.org/cgi-bin/mailman/listinfo/stratos-dev >>>>>>> >>>>>>> >>>>>> Thanks, >>>>> Samisa... >>>>> >>>>> Samisa Abeysinghe >>>>> VP Engineering >>>>> WSO2 Inc. >>>>> http://wso2.com >>>>> http://wso2.org >>>>> >>>>> >>>>> >>>> >>> Thanks, >> Samisa... >> >> Samisa Abeysinghe >> VP Engineering >> WSO2 Inc. >> http://wso2.com >> http://wso2.org >> >> >> > > > -- > Dimuthu Leelarathne > Technical Lead > > WSO2, Inc. (http://wso2.com) > email: [email protected] > > Lean . Enterprise . Middleware > > -- Dimuthu Leelarathne Technical Lead WSO2, Inc. (http://wso2.com) email: [email protected] Lean . Enterprise . Middleware
_______________________________________________ Dev mailing list [email protected] http://wso2.org/cgi-bin/mailman/listinfo/dev
