On Mon, May 24, 2010 at 16:26, Luiz Marcelo Serique <[email protected]> wrote: > Hi, > > I'm new on list, and new on xwiki too, we have successfully deployed > the XWiki Enterprise 2.3 in our company, but there is some pre > requisites that we must accomplish to integrate the system to our SSO > aplication. The SSO is a very simple aplication that stores all users > and groups on a independent database, the SSO system have a interface > that shows, like a catalog, all the internal systems that a specific > person (logged in person) has access. The archictecture is very > simple, and almost time insecure, passing by GET parameter the > credentials to other systems in php, java, python, etc..., but this is > another point that we here have to discuss and adjust adjust. > > To provide this SSO to xwiki i was wondering create a Filter that > verify those GET parameters and programmatically authenticates the > user to XWiki and use the MyFormAuthenticator.authenticate() to > perform the login. > > But here come the question, the authenticate method needs a > XWikiContext object, is it possible to have this context in a Servlet > Filter? > > And you guys have some suggestions about my strategy? Any alternative > to what i want achieve?
The canonical way to implement SSO authentication is writing a Java class extending XWikiAuthServiceImpl. You can find some useful abstract for SSO authentication on http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/xwiki-authentication-puma/src/main/java/com/xwiki/authentication/. By extending AbstractSSOAuthServiceImpl you just need to provide it proper information form you server and it will take care of properly synchronize user infos and membership (i need to integrate this in standard <hen i find some time). There is also several examples of SSO authenticators on http://svn.xwiki.org/svnroot/xwiki/contrib/sandbox/ (NTLM, trust, PUMA, ...). Only PUMA based one is using AbstractSSOAuthServiceImpl (that's the last one I wrote and finally decided to write some common tools for following authenticators ;)). > > -- > L. Marcelo > _______________________________________________ > devs mailing list > [email protected] > http://lists.xwiki.org/mailman/listinfo/devs > -- Thomas Mortagne _______________________________________________ devs mailing list [email protected] http://lists.xwiki.org/mailman/listinfo/devs
