Hi Benoy - Great to hear that you are interested in taking on KNOX-192! I think Kevin's questions are a great start.
* I think that we have to determine how generic a solution it is either across providers or even across Ping products. I know that there is a Ping Federate in addition to other solutions. Are you proposing a solution that would integrate with one or more of these and can we find out specifically? * I also assume that we are talking about consuming a token that was the result of a previous Ping based authentication - not that we will be collecting credentials and authenticating against Ping. If this is correct, we are really talking about a federation provider rather than an authentication provider. This distinction is mostly informational and we may collapse the two into a security provider type at some point. * I think that updating the Jira with some of these details as an introduction to a proposal that answers Kevin's questions would be great. In terms of what the module will need to consist of - you can use gateway-provider-security-shiro as an example of an authentication provider. The central component for a security provider is the servlet filter that does the processing/validation of the identity token. We can talk through the other components in the shiro provider as needed in order to spin up a proper Ping provider. This process will also be great to derive documentation for developing provider from! Looking forward to your contribution, Benoy. thanks, --larry On Tue, Nov 19, 2013 at 10:57 PM, Kevin Minder <[email protected] > wrote: > Hey Benoy, > Glad you have some time to get this going. Lets continue this > conversation on dev@knox. I'm guessing you are asking about which module > this should go in. My thinking is that this would go in a separate module > probably called gateway-provider-security-ping or something similar. If > after some quick discussion that is the right answer I'd be happy to create > a skeleton for you. We should start though with getting an understanding > of how to approach the Ping integration. To start with I have questions > like: > 1) What will be added to the REST request when Ping is being used? > 2) How will that be validated? Callback to ping? Cryptographically? > 3) How do you see group membership being obtained when Ping is used for > SSO? > 4) Other things that I hope Larry will be able to think of... > Kevin. > > > On 11/19/13 10:49 PM, Benoy Antony wrote: > >> Larry, Kevin, >> >> hope you are keeping fine. >> If its appropriate, I can take up https://issues.apache.org/ >> jira/browse/KNOX-192 as I have some bandwidth now. >> >> I have the new master version of knox and have the eclipse workspace >> based on it. If I can take up this task, could you please let me know which >> project should have this integration code ? >> >> thanks , >> Benoy >> >> > > -- > CONFIDENTIALITY NOTICE > NOTICE: This message is intended for the use of the individual or entity > to which it is addressed and may contain information that is confidential, > privileged and exempt from disclosure under applicable law. If the reader > of this message is not the intended recipient, you are hereby notified that > any printing, copying, dissemination, distribution, disclosure or > forwarding of this communication is strictly prohibited. If you have > received this communication in error, please contact the sender immediately > and delete it from your system. Thank You. >
