Hi Sergey, Will take a look.
Thanks, Danijel On Mon, Mar 9, 2015 at 2:05 PM, Sergey Beryozkin <[email protected]> wrote: > Hi > On 09/03/15 12:11, Basic Danijel wrote: > >> Hi Sergey, >> >> Thanks for your response. >> >> I'm looking forward to seeing the new filter in action. In the meantime, >> I'll try your alternatives. >> > SAML SSO docs are here: > http://cxf.apache.org/docs/saml-web-sso.html > > Do "CXF OAuth2" in Google and follow a link to my current employer's GIT > repo and check a jaxrs_oauth2/sso demo. SAML SSO is demoed against > Shibboleth. Colm is doing SAML SSO in Fediz too. > > OIDC SSO is a work in progress, the RP code is becoming close to the final > version but a bit more work is needed, the only source so far is this Big > Query demo (actual Big Query is not demoed yet, only authentication against > Google+): > > https://git-wip-us.apache.org/repos/asf?p=cxf.git;a=blob;f= > distribution/src/main/release/samples/jax_rs/big_query/src/ > main/java/demo/jaxrs/server/BigQueryService.java;h= > 79d73b864f103e8b0863cfb737d39f268c3b85de;hb=HEAD#l99 > > > Is there a defect (or a feature request) opened for this, so it could be > > possible to track the progress? > > > > https://issues.apache.org/jira/browse/CXF-4780 > > Cheers, Sergey > > > > Regards, >> Danijel >> >> On Mon, Mar 9, 2015 at 11:26 AM, Sergey Beryozkin <[email protected]> >> wrote: >> >> Hi >>> >>> This filter has not been made capable of supporting a FORM-based login - >>> a >>> long pending issue exists. This is a second question in the last couple >>> of >>> months about using the filter with FORM-based logins, I'll actually give >>> a >>> try and see if I can make it work for CXF 3.0.5. >>> >>> Here are the alternatives: >>> - Use a servlet level FORM based support >>> - Consider SAML Web SSO - we support it >>> >>> OpendIdConnect SSO work is in progress - we have a utility code in place >>> - >>> I can point to it if it might make sense in your case. >>> >>> But as I said, I'll see if I can support a filter supporting a form >>> login, >>> that would definitely simplify the simple SSO management in some cases... >>> Thanks, Sergey >>> >>> >>> On 08/03/15 21:37, Basic Danijel wrote: >>> >>> Hi all, >>>> >>>> I'm currently developing web app running on karaf. The app has the >>>> frontend >>>> written in Angular JS and the backend is REST webservice (CXF JAX-RS). >>>> >>>> The requirement is that all pages have to be secured. I decided to go >>>> with >>>> FORM based authentication (configured in web.xml). >>>> For CXF REST webservice I >>>> use org.apache.cxf.jaxrs.security.JAASAuthenticationFilter (configured >>>> in >>>> blueprint.xml). >>>> >>>> Both parts are configured to use the same realm. >>>> >>>> The problem is the following: when I try to access a protected page, I >>>> need >>>> to log in twice (server and cxf authentication). >>>> >>>> How can I get rid of this problem, ie. to have only server >>>> authentication >>>> (and automatically be authenticated on REST part)? >>>> >>>> Btw, if I use BASIC authentication, then one login appears and >>>> everything >>>> is working as expected. >>>> >>>> Regards, >>>> Danijel >>>> >>>> >>>> >>> >> >
