Hi, Yes. Now Carbon can fulfil the "customer authentication experiences" of Geneva server. The idea is that we have an interface to plugin to the Carbon UI [1]. So we can publish [1] as an API.
We did not provide an interface for the BE authentication purposely, to keep it open. Stemming from this, we can remove storing stuff in the session and move them to Axis Context hierarchy as you suggested. Thanks, DimuthuL [1] https://svn.wso2.org/repos/wso2/trunk/carbon/core/org.wso2.carbon.ui/src/main/java/org/wso2/carbon/ui/CarbonUIAuthenticator.java On Mon, Feb 8, 2010 at 8:50 PM, Afkham Azeez <az...@wso2.com> wrote: > Do we have an API/SDK sort of thing for identity integration, something > like the Geneva framework for application authentication? > > Azeez > > > On Mon, Feb 8, 2010 at 1:06 AM, Dimuthu Leelarathne <dimut...@wso2.com>wrote: > >> Hi, >> >> On Mon, Feb 1, 2010 at 10:52 AM, Prabath Siriwardena <prab...@wso2.com>wrote: >> >>> Hi; >>> >>> Please find the approach for integrating identity component for Carbon >>> authentication - DimuthuL and I will be working on this. >>> >>> Step - 1 >>> >>> 1- Decouple UI level authentication logic. Drop a bundle and it will be >>> picked automatically based on a configured priority level. >>> This bundle knows how to pick attributes related to the authentication >>> request and which back end service to be called. >>> >>> For example; right now in the UI bundle we have this logic. >>> >>> if (ssoSessionId != null && password == null) { >>> // This is SSO related login - we don't have the password. >>> // Now the back-end service need to validate ssoSession id >>> with back-end >>> // SSO-Service. >>> return new CarbonSSOAuthenticator(request); >>> } else if (ivuser != null) { >>> // If we have a value for this - then it's an authentication >>> request redirected by >>> // WebSeal. >>> return new WebSealAuthenticator(request); >>> } else { >>> return new DefaultCarbonAuthenticator(request); >>> } >>> >>> This limits the authentication for predefined - authentication routines. >>> With the above approach we won't have these hard coded authentication >>> routines. >>> >>> 2 - Cleaning up the back-end authentication admin service. Step - 1 will >>> have it's own corresponding back-end bundle. >>> >>> Steps- 1/2 will be a milestone release. >>> >> >> >> These are completed. Please find authenticators at[1]. Now people can drop >> authenticators to carbon framework and they will be automatically picked by >> Carbon. >> >> Thank you, >> DimuthuL >> >> [1]https://svn.wso2.org/repos/wso2/trunk/carbon/components/authenticators >> >> >> 3 - User core knows whether to use the integrated user store or an >>> Identity Server to delegate authentication. >>> >>> Steps- 1 /2/3 will be a milestone release. >>> >>> 4 - Using IS to handle permissions / XACML - this needs further review - >>> I will send a design on this shortly. >>> >>> This completes the $subject. >>> >>> Thanks & regards, >>> -Prabath >>> >>> Prabath Siriwardena wrote: >>> > Hi Samisa; >>> > >>> > I will start working on this from the end of this week and will keep >>> > the list updated.... >>> > >>> > Thanks & regards. >>> > -Prabath >>> > >>> > Samisa Abeysinghe wrote: >>> >> Have we started on this? We need this of Iridium. Please update. >>> >> >>> >> Samisa... >>> >> >>> >> On Fri, Jan 8, 2010 at 11:32 AM, Prabath Siriwardena >>> >> <prab...@wso2.com <mailto:prab...@wso2.com>> wrote: >>> >> >>> >> Afkham Azeez wrote: >>> >> > Have we started working on $subject instead of relying on >>> >> secured HTTP >>> >> > sessions? This is needed for the March release. >>> >> No.. still we have not started on this yet... There is a slot >>> >> allocated >>> >> under this topic for the off-site meeting [those who are not >>> >> there, but >>> >> in this list - we'll keep you updated] next week - so we can get >>> >> started >>> >> on following week. >>> >> >>> >> Thanks & regards. >>> >> -Prabath >>> >> > >>> >> > Thanks >>> >> > Afkham Azeez >>> >> > az...@wso2.com <mailto:az...@wso2.com> <mailto:az...@wso2.com >>> >> <mailto:az...@wso2.com>> >>> >> > WSO2 Inc. http://wso2.com >>> >> > Blog: http://afkham.org >>> >> > >>> >> >>> >> >>> ------------------------------------------------------------------------ >>> >> > >>> >> > _______________________________________________ >>> >> > Carbon-dev mailing list >>> >> > Carbon-dev@wso2.org <mailto:Carbon-dev@wso2.org> >>> >> > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >> > >>> >> >>> >> >>> >> _______________________________________________ >>> >> Carbon-dev mailing list >>> >> Carbon-dev@wso2.org <mailto:Carbon-dev@wso2.org> >>> >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >> >>> >> >>> >> >>> >> >>> >> -- >>> >> Samisa Abeysinghe >>> >> Director, Engineering - WSO2 Inc. >>> >> >>> >> http://www.wso2.com/ - "lean . enterprise . middleware" >>> >> >>> ------------------------------------------------------------------------ >>> >> >>> >> _______________________________________________ >>> >> Carbon-dev mailing list >>> >> Carbon-dev@wso2.org >>> >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >> >>> > >>> > >>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> Carbon-dev@wso2.org >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >> >> >> _______________________________________________ >> Carbon-dev mailing list >> Carbon-dev@wso2.org >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > -- > > Afkham Azeez > az...@wso2.com > WSO2 Inc. http://wso2.com > Blog: http://afkham.org > > _______________________________________________ > Carbon-dev mailing list > Carbon-dev@wso2.org > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list Carbon-dev@wso2.org https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
