I have project based on JHipster and I have to implement CAS authentication to have SSO to 2 applications (one is this java jHipster project and another is php app). I found sample configuration in spring docs, but it uses xml configuration. Is there any existing implementation/tutorial using java configuration for CAS client? I'm totally new on this topic, so every hint will be useful.
I've just made a project example with jhipster and CAS auth : https://github.com/jgribonvald/demo-spring-cas-angular.git
feedback is welcome ;)
Related
I require references or guides for creating working java project with SSO using SAML 2.0 with ADFS and AD.
I tried with link (https://www.journaldev.com/21773/azure-ad-sso-java-adfs-sso) but not able to complete (ADFS Configuration for Single Sign-On SSO) part.
Please guide.
If you want to use ADFS, you need the ADAL Java library.
Note that most of the documentation is for Azure AD but the principles are the same.
There are some examples here.
In particular, this sample shows the changes required to work with ADFS.
I'm trying to integrate my Spring app with governmental system responsible for user's authentication (SAML). The main concept is that "my" app is receiving already logged user with so called assertion. And the point is how can I customize Spring Security to recognize mentioned before assertion as proof that user is authenticated. Or maybe should I write my own filters instead of using Spring Security?
Unfortunately I can't share the code - company policy ;(
Any feedback is appreciated.
Maciek
If you receive a SAML assertion (it's easy to see, it's a whole XML packet), you absolutely need a library to deal with that complexity.
pac4j (security engine for Java) supports the SAML protocol. So either you keep Spring Security and use the pac4j extension for Spring Security: spring-security-pac4j or you directly use the pac4j security libraries for Spring MVC/Boot: spring-webmvc-pac4j or for J2E: j2e-pac4j for example.
I'm using Spring-Boot and annotation based Spring-Security and I would like to use another site as one of my authentication providers.
I search on google but not getting any proper example or related solutions.
Let me know how can I implement Single sign on for 2 different application.
Please Guide.
Thank You.
You could use Jasig CAS to implement SSO and it is supported by Spring Security: https://docs.spring.io/spring-security/site/docs/3.0.x/reference/cas.html
You can use #EnableOAuth2Sso on your spring-boot application set some properties: client id, client secret, token endpoint for your oauth2 server, etc.
This tutorial is for an angularJS client on spring-boot but the server side is similar: https://spring.io/blog/2015/02/03/sso-with-oauth2-angular-js-and-spring-security-part-v
A Customer of ours decided to apply Active Directory Federation Services (ADFS)
and we use J2EE Technology.
The question is: how could I Integrate between my jsp/servlet website and ADFS?
Is there any sample code to integrate?
I have successfully used the PAC4J library to integrate our Java EE application with ADFS 2.0 (and also other SAML 2.0 IdP servers).
Home page: http://www.pac4j.org/
Source code: https://github.com/leleuj/pac4j
There is also a demo project which shows how to use PAC4J to integrate your code with various authentication server, including Shibboleth (a SAML IdP). It does not use ADFS but you can easily customize it.
Have a look at README-ADFS.txt located in the root directory of PAC4J source code.
I've been looking for a very basic example of using LDAP authentication in Spring 3.1. In the docs for the security download I found a page similar to this one
http://static.springsource.org/spring-security/site/docs/3.0.x/reference/sample-apps.html
3.3 LDAP Sample
The LDAP sample application provides a basic configuration and sets up
both a namespace configuration and an equivalent configuration using
traditional beans, both in the same application context file. This
means there are actually two identical authentication providers
configured in this application.
Trouble is, it is not there in the distribution or I am having a brain fart. Can anyone tell where I can find it or another modern Spring LDAP sample?
Thanks in advance
Steve
It's only in svn. You can find it in this URL. Take a look to /samples/samples-utils/ directory.
As it says at the start of the Spring Security samples chapter that you refer to:
To avoid an overly large download, only the "tutorial" and "contacts" samples are included in the distribution zip file. The others can be built directly from the source which you can obtain as described in the introduction.
So you need to use git to clone the repository and build the samples to get the LDAP authentication sample.
Not that Spring LDAP is a different project from Spring Security. Spring Security uses Spring LDAP for LDAP integration.