Thanks for replying Jan, your comments got me thinking and I now have everything working. I am quite new to CAS and I am still working off the rough edges in my knowledge. I was getting confused with the Spring Security UserDetailsService which handles the authorisation. I had forgotten that all it needs is the user roles for Magnolia when using CAS and I can simply return a default set of values. This is slightly different to the examples (which throw the UsernameNotFoundException) I used when working out how to get CAS going. When I revisited how it worked (re-reading the spring docs) I got a better understanding of why it was failing when the user was not in the db. Many thanks.
Jan Haderka-2 wrote: > > > On Thu, 2009-07-09 at 16:04 -0700, doahh wrote: >> >> I am wondering what would be involved in creating a user in the magnolia >> database from an external application. I assume that the app would need >> to >> be JCR aware: >> >> 1) Is that a lot of work to implement? > It really depends what you want to do. If you have Magnolia EE, you can > share repository access between Magnolia and other webapp running in > same JVM. > Otherwise you can always add your own filter or servlet into the > Magnolia filter chain and have it handle any kind of requests you want > to make that way. > >> 2) Are users specific to Magnolia or are users defined by the JCR >> specification and can be created/retrieved without having to also >> integrate >> the Magnolia jars into the external application? > > Users in Magnolia are Magnolia specific. You can also switch user > manager to use external users. Lots of people tend to use LDAP or AD for > user management instead of having users directly in Magnolia. MAybe this > would be a solution for you too. > >> >> The reason for asking is that users are created in the external app but >> are >> checked for authorisation by CAS using Spring Security. If the user does >> not >> exist in the Magnolia database then Spring Security throws an error and >> refuses access to magnolia by throwing an UserNotFoundException. To code >> around Spring is not possible as there are some custom coded Spring >> Security >> filters that need to run on every request. > > I don't really see what are you trying to achieve or how is that a > problem. If the user is already created then you should not have a > problem to check for the authorization. Surely you are not trying to > access Magnolia as a user you are trying to create, but as an existing > user that has all the necessary rights to create other users, and only > after you succeed in creating new user you try to check for > authorization, no? > > Jan > > > ---------------------------------------------------------------- > For list details see > http://www.magnolia-cms.com/home/community/mailing-lists.html > To unsubscribe, E-mail to: <[email protected]> > ---------------------------------------------------------------- > > > -- View this message in context: http://www.nabble.com/Read-write-to-database-from-external-application-tp24419298p24429648.html Sent from the Magnolia - User mailing list archive at Nabble.com. ---------------------------------------------------------------- For list details see http://www.magnolia-cms.com/home/community/mailing-lists.html To unsubscribe, E-mail to: <[email protected]> ----------------------------------------------------------------
