Thanks a million Francesco.I hope you are not troubled by me. I also will keep asking you doubts with any issues that I come across.Have a nice weekend.
On Fri, Jul 17, 2015 at 1:05 PM, Francesco Chicchiriccò <[email protected] > wrote: > On 17/07/2015 09:23, Ajith Perur wrote: > >> I am very new to Java and J2EE and I am encountered with a case where in I >> have to make use of Spring security for login to have its credentials >> stored >> in Apache Syncope internal resource.Please help me,a template project >> would be of great help. >> > > Hi Ajith, > you basically need to provide Spring Security with a mean to delegate the > actual authentication to Apache Syncope; AFAICT this means providing your > custom AuthenticationProvider [1] where, in the authenticate() method, you > will embed the actual credential verification. > > Regarding this specific point, I'd say you have a couple of options: > > (a) call Syncope REST services from within the authenticate() method, > possibly empowering the SyncopeClient library; basically something like as > [2]: > > SyncopeClient client = new SyncopeClientFactoryBean(). > setAddress("http://localhost:9080/syncope/rest/";). > create("username", "password"); > client.getService(UserSelfService.class).read(); > > where "username" and "password" are the credentials you need to verify for > authentication: the second statement is expected to throw an Exception if > credentials were not correct. > > > (b) configure Syncope for propagating user credentials to an external > resource (RDBMS will work, LDAP directory would be better) and then > implement the code for checking credentials against RDBMS / LDAP in the > authenticate() method > > Option (a) is easier to implement but will involve Syncope directly in the > authentication process - which might not be the best solution, depending on > the expected load; option (b) requires a bit more setup on Syncope but is > more scalable. > > > I would say you'll need to develop some Java code anyway. > > HTH > Regards. > > [1] http://www.baeldung.com/spring-security-authentication-provider > [2] http://blog.tirasa.net/java-rest-client-library-for.html > > -- > Francesco Chicchiriccò > > Tirasa - Open Source Excellence > http://www.tirasa.net/ > > Involved at The Apache Software Foundation: > member, Syncope PMC chair, Cocoon PMC, Olingo PMC > http://people.apache.org/~ilgrosso/ > > >
