RE: [Acegisecurity-developer] SiteMinder Integeration with spring richclient
Amad,

Most client-server apps I've seen require that the user authenticates into the *client's* entry point and not at the server's entry point, that way each request to the server includes a pre-authenticated principal. Siteminder assumes that all requests come to the server *first* so that it can redirect the browser to a login page as required.

I don't think Siteminder is what you want for your rich-client project, and since Siteminder is usually backed by an LDAP server, you may wish to authenticate directly to that. I understand that Luke has been working hard on greatly improved LDAP code in, and since the last version.

Scott

From: Amad Fida [mailto:[EMAIL PROTECTED]
Sent: Saturday, January 21, 2006 5:19 PM
To: acegisecurity-developer@lists.sourceforge.net
Subject: Re: [Acegisecurity-developer] SiteMinder Integeration with spring richclient

Thanks, Scott. I didn't realize that this could be such a big problem. As rich client uses spring services to interact with server-side and there is acegi authentication manager in place. And if there was some SiteMinderAuthenticationProvider which can be plugged in here, wouldn't that solve my problem?

Amad

Scott McCrory <[EMAIL PROTECTED]> wrote:

I've never seen Siteminder used to protect client-side apps because we've always used it as a server-side ISAPI filter or Apache module. I'd recommend first checking with Siteminder to see what their solutions are for rich client apps, then once you know the mechanism of how the user's identity is passed into your app, then you can figure out what kind of adapter is necessary.

Good luck!

Scott

Quoting Amad Fida <[EMAIL PROTECTED]>:

> All -
>
> We have spring rcp based app, which is deployed using Java Webstart. In rich client case there is method level security and not the URL filter based security. And we also have our own login dialog which we present user at startup to authenticate.
>
> I am not sure how do we use SiteMinder authentication in this setup?
>
> One possibility is to protect the jnlp link and use the Siteminder authentication filters but once authenticated how does the richclient know about that authentication to get authorization info?
>
> Any ideas or help will be greatly appreciated.
>
> Amad
Re: [Acegisecurity-developer] SiteMinder Integeration with spring richclient
Thanks, Scott. I didn't realize that this could be such a big problem. As rich client uses spring services to interact with server-side and there is acegi authentication manager in place. And if there was some SiteMinderAuthenticationProvider which can be plugged in here, wouldn't that solve my problem?

Amad

Scott McCrory <[EMAIL PROTECTED]> wrote:

I've never seen Siteminder used to protect client-side apps because we've always used it as a server-side ISAPI filter or Apache module. I'd recommend first checking with Siteminder to see what their solutions are for rich client apps, then once you know the mechanism of how the user's identity is passed into your app, then you can figure out what kind of adapter is necessary.

Good luck!

Scott

Quoting Amad Fida <[EMAIL PROTECTED]>:

> All -
>
> We have spring rcp based app, which is deployed using Java Webstart. In rich client case there is method level security and not the URL filter based security. And we also have our own login dialog which we present user at startup to authenticate.
>
> I am not sure how do we use SiteMinder authentication in this setup?
>
> One possibility is to protect the jnlp link and use the Siteminder authentication filters but once authenticated how does the richclient know about that authentication to get authorization info?
>
> Any ideas or help will be greatly appreciated.
>
> Amad
Re: [Acegisecurity-developer] SiteMinder Integeration with spring richclient
I've never seen Siteminder used to protect client-side apps because we've always used it as a server-side ISAPI filter or Apache module. I'd recommend first checking with Siteminder to see what their solutions are for rich client apps, then once you know the mechanism of how the user's identity is passed into your app, then you can figure out what kind of adapter is necessary.

Good luck!

Scott

Quoting Amad Fida <[EMAIL PROTECTED]>:

> All -
>
> We have spring rcp based app, which is deployed using Java Webstart. In rich client case there is method level security and not the URL filter based security. And we also have our own login dialog which we present user at startup to authenticate.
>
> I am not sure how do we use SiteMinder authentication in this setup?
>
> One possibility is to protect the jnlp link and use the Siteminder authentication filters but once authenticated how does the richclient know about that authentication to get authorization info?
>
> Any ideas or help will be greatly appreciated.
>
> Amad