On 17/07/2015 09:23, Ajith Perur wrote:
I am very new to Java and J2EE and I am encountered with a case where in I
have to make use of Spring security for login to have its credentials stored
in Apache Syncope internal resource.Please help me,a template project would be
of great help.
Hi Ajith,
you basically need to provide Spring Security with a mean to delegate
the actual authentication to Apache Syncope; AFAICT this means providing
your custom AuthenticationProvider [1] where, in the authenticate()
method, you will embed the actual credential verification.
Regarding this specific point, I'd say you have a couple of options:
(a) call Syncope REST services from within the authenticate() method,
possibly empowering the SyncopeClient library; basically something like
as [2]:
SyncopeClient client = new SyncopeClientFactoryBean().
setAddress("http://localhost:9080/syncope/rest/";).
create("username", "password");
client.getService(UserSelfService.class).read();
where "username" and "password" are the credentials you need to verify
for authentication: the second statement is expected to throw an
Exception if credentials were not correct.
(b) configure Syncope for propagating user credentials to an external
resource (RDBMS will work, LDAP directory would be better) and then
implement the code for checking credentials against RDBMS / LDAP in the
authenticate() method
Option (a) is easier to implement but will involve Syncope directly in
the authentication process - which might not be the best solution,
depending on the expected load; option (b) requires a bit more setup on
Syncope but is more scalable.
I would say you'll need to develop some Java code anyway.
HTH
Regards.
[1] http://www.baeldung.com/spring-security-authentication-provider
[2] http://blog.tirasa.net/java-rest-client-library-for.html
--
Francesco Chicchiriccò
Tirasa - Open Source Excellence
http://www.tirasa.net/
Involved at The Apache Software Foundation:
member, Syncope PMC chair, Cocoon PMC, Olingo PMC
http://people.apache.org/~ilgrosso/
