• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Security constraints, security roles and custom OpenID authentication

 
Greenhorn
Posts: 15
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I'm building a JEE6 project on a Glassfish server and I'm trying to authenticate in the following way:

-Use the JOpenId library to authenticate with Google Server
-Redirect to a servlet that requests Google Oauth2 access
-Redirect to a JSF index page that is restricted to authenticated users.

I could manually build authentication in every single webservice, web servlet and JSF page, but it's easy to forget this security rules, so I'd prefer to use a security mapping in web.xml.
As far as I can see however, the build in security provider is pretty limited to custom programmatic authentication. I don't want to use the predefined "form" authentication of Glassfish either, because I'm already using openid.
I'm trying to achieve something like this, but without form login.
http://stackoverflow.com/questions/9082208/programmatically-add-roles-after-authentication
When I try to edit an javax.security.auth.Subject object, it throws me a 'subject is read-only' error.

Any help on this one?
 
Ranch Hand
Posts: 73
Netbeans IDE Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
HI Jonathan... i am using form login. But on top of that i want to use jopenid. Can this be possible.
Thanks
 
reply
    Bookmark Topic Watch Topic
  • New Topic