Re: shiro + facebook

Mon, 14 Jun 2010 23:22:34 -0700 

Kalle,
    Reading
http://sacharya.com/facebook-connect-with-jsecurity-on-grails/?utm_source=feedburner&utm_medium=feed&utm_campaign=Feed:+sacharya+(Sudarshan+Acharya)&utm_content=Google+Reader

I got that I should be enoguh to define the password as

new Sha1Hash("randompassword").toHex()

Is it true? Is it safe?


On Tue, Jun 15, 2010 at 2:51 AM, Kalle Korhonen
<[email protected]>wrote:

> Roughly, you'd:
> 1) create an Oauth redirect page and extract the Oauth token from the
> response
> 2) call Subject.login with the authentication token as the credential
> 3) Implement another custom realm where you validate the Oauth for
> example by fetching "me" data with the given credentials (plus any
> other mixed local/federated security checks you might want to have
> such as accountLocked etc.)
>
> You can and should have multiple realms with Shiro, I'd leave the code
> below as is for authenticating against your local database.
>
> Kalle
>
>
> On Mon, Jun 14, 2010 at 10:24 PM, Fernando Wermus
> <[email protected]> wrote:
> > Hi all,
> >      Some users could authenticate through facebook or stand alone mode.
> So,
> > I need to reimplement the following method
> > @Override
> > protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken
> > authcToken) throws AuthenticationException {
> >         UsernamePasswordToken token = (UsernamePasswordToken) authcToken;
> >         UsuarioDAO usuarioDAO=new UsuarioDAO();
> >         Usuario user = usuarioDAO.buscarPorMail(token.getUsername());
> >
> >         if( user != null ) {
> >             return new SimpleAuthenticationInfo(user.getEmail(),
> > user.getClave(), "realmA");
> >         } else {
> >             return null;
> >         }
> > }
> > As I don't have anything similar to a password in a facebook
> authentication
> > - I don't know the password and I don't know anything that can work
> > similarly.
> > How can I incorporate facebook authentication to my shiro implementation?
> > Any help would be appreciate it.
> > My implementation is wicket-shiro impl.
> > Thanks in advance.
> >
> > --
> > Fernando Wermus.
> >
> > www.linkedin.com/in/fernandowermus
> >
>



-- 
Fernando Wermus.

www.linkedin.com/in/fernandowermus

Reply via email to