Hi
On 09/03/15 12:11, Basic Danijel wrote:
Hi Sergey,
Thanks for your response.
I'm looking forward to seeing the new filter in action. In the meantime,
I'll try your alternatives.
SAML SSO docs are here:
http://cxf.apache.org/docs/saml-web-sso.html
Do "CXF OAuth2" in Google and follow a link to my current employer's GIT
repo and check a jaxrs_oauth2/sso demo. SAML SSO is demoed against
Shibboleth. Colm is doing SAML SSO in Fediz too.
OIDC SSO is a work in progress, the RP code is becoming close to the
final version but a bit more work is needed, the only source so far is
this Big Query demo (actual Big Query is not demoed yet, only
authentication against Google+):
https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f=distribution/src/main/release/samples/jax_rs/big_query/src/main/java/demo/jaxrs/server/BigQueryService.java;h=79d73b864f103e8b0863cfb737d39f268c3b85de;hb=HEAD#l99
> Is there a defect (or a feature request) opened for this, so it could be
> possible to track the progress?
>
https://issues.apache.org/jira/browse/CXF-4780
Cheers, Sergey
Regards,
Danijel
On Mon, Mar 9, 2015 at 11:26 AM, Sergey Beryozkin <[email protected]>
wrote:
Hi
This filter has not been made capable of supporting a FORM-based login - a
long pending issue exists. This is a second question in the last couple of
months about using the filter with FORM-based logins, I'll actually give a
try and see if I can make it work for CXF 3.0.5.
Here are the alternatives:
- Use a servlet level FORM based support
- Consider SAML Web SSO - we support it
OpendIdConnect SSO work is in progress - we have a utility code in place -
I can point to it if it might make sense in your case.
But as I said, I'll see if I can support a filter supporting a form login,
that would definitely simplify the simple SSO management in some cases...
Thanks, Sergey
On 08/03/15 21:37, Basic Danijel wrote:
Hi all,
I'm currently developing web app running on karaf. The app has the
frontend
written in Angular JS and the backend is REST webservice (CXF JAX-RS).
The requirement is that all pages have to be secured. I decided to go with
FORM based authentication (configured in web.xml).
For CXF REST webservice I
use org.apache.cxf.jaxrs.security.JAASAuthenticationFilter (configured in
blueprint.xml).
Both parts are configured to use the same realm.
The problem is the following: when I try to access a protected page, I
need
to log in twice (server and cxf authentication).
How can I get rid of this problem, ie. to have only server authentication
(and automatically be authenticated on REST part)?
Btw, if I use BASIC authentication, then one login appears and everything
is working as expected.
Regards,
Danijel
