Win a copy of Kotlin in Action this week in the Kotlin forum!
  • Post Reply Bookmark Topic Watch Topic
  • New Topic

Apache Oltu or where to start  RSS feed

 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have almost no experience in Java. And have some trouble understanding all related frameworks and other pieces. I want to implement OAuth 2 authorization server using Apache Oltu. Honestly not sure from where to start. There are not step by step instructions for Oltu to try some examples. So I've started with installing Play Framework for Java and hoping to use Oltu classes. But from my initial understanding it will not work because Oltu uses servlet classes. And it's a headache to implement those in play framework.

I would appreciate any advice where to look at and what to use for auth server. The thing is I want to strart some practical coding but keep reading Java, then play framework then oAuth2. And I feel I still need to read without starting something. By the way if it helps I have a bit experience with VertX Java, but again that doesn't seem good fit for me.

Vahan
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
This will be very challenging for an inexperienced Java developer.  But let me try to get some things straight first.

You seem to have picked out the technologies, but can we go back to what you are trying to do?  You want to get an OAuth server running, correct?  (Or do you already have a server and want to authorize through it?)  What OS is the server?  Linux is the best OS for a server, but do you know Linux administration?  If you're using Windows for the server, you may need to learn C# (but not necessarily).

What is the client?  How do they connect?  Using a web browser?  Does the client have to be Java?  Can it be PHP, or Python and JavaScript?

So there are a lot of questions that need to be answered before we continue.
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,

I have Ubuntu 16.04 server and, yes, I want to setup auth server. No sure where to go. And then have a resource server using Play framework. For the client part I'm not quite sure. I can use PHP or Python or Java. The client will be another web server.

I have experience building API using PHP but I didn't follow any OAuth2 specs. I just want to achieve 2 things:
1) Improve my knowledge in building secure APIs
2) Improve my Java skills

Thanks for your response.
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I googled oauth 2.0 server oltu java linux and looking around I found this:

https://github.com/hasanozgan/apache-oltu-oauth2-provider-demo

No idea if it's good or not, but I didn't see anything that would make it glaringly wrong.  Good README file.  Last touched 10 months ago.
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks. It looks good to me. But the problem that I don't understand what is serving as a web server on auth server. Is it Jersey or Tomcat? From LAMP perspective I can't use PHP code without having an apache server. I see Java code, classes, etc but don't understand if I have to use Tomcat or I can use something else.
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
You're going to need a container server like Tomcat to run the server in.  Jersey would work too, evidently, but I'm not familiar with JAX-RS.

You're also going to need Maven to build the project.  You've gotten me interested in this, so I'm going to fork and clone the project to see if I can get it running.  If you want to clone my fork of the project so we can share modifications to it, it's here:

https://github.com/ksnortum/apache-oltu-oauth2-provider-demo
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks Knute, It's so nice of you

Forked the project. Will start with Tomcat installation.
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Well, I'm having problems already.  I can't get the project to build.  This has nothing to do with Oltu, so I'll research it elsewhere.
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I feel ashamed because I'm moving really slow. I have to do this out of my working hours and out of my parenting hours. I'll try to move one and update you. Again thanks a lot. Please update me if you get some luck with it.
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have the Maven problems licked... on to Tomcat.  Pull the pom.xml from my GitHub.
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Pulled the pom.xml. I have Tomcat 9 set up. But still not sure how to deploy my war file.
I have the following to folders:

/opt/tomcat-latest -> apache-tomcat-9.0.0.M26
/opt/auth-server

In the pom.xml I've added the following plugin:


I guess I have not just one but many mistakes and still trying to figure out how to deploy it. Am I in the right direction?
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Let's backup. 

1) Do you get a "It Works!" page when you browse to http://localhost:8080?
2) Can you browser to http://localhost:8080/manager/html/? (Probably not, since it's disabled by default.)  You don't *need* to do this, but I find it very helpful.
  2.1) Find the tomcat-users.xml file in the tomcat configuration folder.  You're on Linux, right?  It might be in /etc/tomcat9/.  (I don't have a Linux box available.)
  2.2) Add something like this in between the <tomcat-users> tags:

         Of course the username and password can be different.
  2.3) Restart tomcat.
3) Deploy war file.
  3.1) If you started the Manager page, scroll down to Deploy, section WAR file to Deploy, Choose the file and click the Deploy button.
  3.2) If not, move/copy your war file to the webapps folder and restart tomcat.
 
Tim Holloway
Bartender
Posts: 18709
71
Android Eclipse IDE Linux
  • Likes 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I don't use Maven to deploy stuff so I'm not well-informed on what it does for cases like this, but based on what I'm seeing, you should either see a "something.war" file in /opt/auth-server or a "something" directory under /opt/auth-server or both. If you find both, the directory will be used even if the war file is newer.

If you don't find either of those products, you're probably invoking the wrong Maven goal(s).
 
Knute Snortum
Sheriff
Posts: 4073
112
Chrome Eclipse IDE Java Postgres Database VI Editor
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
John Stephens wrote:
In the pom.xml I've added the following plugin:


I guess I have not just one but many mistakes and still trying to figure out how to deploy it. Am I in the right direction?

The tomcat-maven-plugin is a way to control tomcat deployment (and other things) with Maven.  I don't think you need it -- although you could use it instead of the Tomcat/Manager page.  I'm familiar with the manager page, so let's stick with that.
 
John Stephens
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Thanks guys, made it work. I didn't have time to test the token generation process. But will keep you updated.
 
Consider Paul's rocket mass heater.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!