Re: Apache ISIS - Shiro - CAS Authentication

2016-09-16 Thread Dan Haywood 
Hi Uma,
How did you get on with these suggestions?

Also, would you be able to share the code you have (for integrating with
shiro-cas) in case others in the user community have the same use case

Thx
Dan


On 16 August 2016 at 05:54, uma narayan 
wrote:

> Hi,
> I need to integrate apache isis with shiro-cas. With shiro-cas I was able
> to authenticate and authorize successfully but still isis login page is
> presented is to me.
>
> Summarizing my application flow:1. CAS filter re-directs to CAS Login
> 2. CAS Realm performs authentication and authorization3. Then, apache isis
> login page is presented again.
>
> On analyzing the source code found that AuthenticatedWebSession is not
> created. Please provide me a solution to resolve this issue.
> Thanks for your help,Uma
>
>
>

Re: Apache ISIS - Shiro - CAS Authentication

2016-08-17 Thread Martin Grigorov 
Hi,

On Tue, Aug 16, 2016 at 10:16 PM, David Tildesley <
davo...@yahoo.co.nz.invalid> wrote:

> Hi Uma,
> Just an idea: you could extend  org.apache.isis.viewer.wicket.
> viewer.integration.wicket.WebRequestCycleForIsis
> 1. Check for a Wicket Session: org.apache.wicket.protocol.
> http.WebSession.get();
>

Small correction.
Session#get() acts as "get or create".
Use Session#exists() to check whether there is a session or not.


> 2. If none, assume the "container" has authenticated the user so then
> check HttpServletRequest for a remote user (getRemoteUser();)
> 3. If remote user exists then set the user in wicket:
> org.apache.wicket.authroles.authentication.AuthenticatedWebSession.get(0.signIn(username,
> ""):
>
> No doubt a few other things to take care of but may be a good starting
> point.
>
> David.
>
> On Tuesday, 16 August 2016 5:04 PM, uma narayan
>  wrote:
>
>
>  Hi,
> I need to integrate apache isis with shiro-cas. With shiro-cas I was able
> to authenticate and authorize successfully but still isis login page is
> presented is to me.
>
> Summarizing my application flow:1. CAS filter re-directs to CAS Login
> 2. CAS Realm performs authentication and authorization3. Then, apache isis
> login page is presented again.
>
> On analyzing the source code found that AuthenticatedWebSession is not
> created. Please provide me a solution to resolve this issue.
> Thanks for your help,Uma
>
>
>
>
>

Re: Apache ISIS - Shiro - CAS Authentication

2016-08-16 Thread David Tildesley 
Hi Uma,
Just an idea: you could extend  
org.apache.isis.viewer.wicket.viewer.integration.wicket.WebRequestCycleForIsis
1. Check for a Wicket Session: org.apache.wicket.protocol.http.WebSession.get();
2. If none, assume the "container" has authenticated the user so then check 
HttpServletRequest for a remote user (getRemoteUser();)
3. If remote user exists then set the user in wicket:  
org.apache.wicket.authroles.authentication.AuthenticatedWebSession.get(0.signIn(username,
 ""):

No doubt a few other things to take care of but may be a good starting point.

David. 

On Tuesday, 16 August 2016 5:04 PM, uma narayan 
 wrote:
 

 Hi,
I need to integrate apache isis with shiro-cas. With shiro-cas I was able to 
authenticate and authorize successfully but still isis login page is presented 
is to me. 

Summarizing my application flow:1. CAS filter re-directs to CAS Login 
2. CAS Realm performs authentication and authorization3. Then, apache isis 
login page is presented again.

On analyzing the source code found that AuthenticatedWebSession is not created. 
Please provide me a solution to resolve this issue.
Thanks for your help,Uma