Could I integrate external users into cf?

63 views
Skip to first unread message

Jamee

unread,
Jan 13, 2015, 4:22:09 AM1/13/15
to vcap...@cloudfoundry.org
I have an old user account system, and I want to use the user in the old system to login to cf. Can I integrate into uaa users in minimal configuration? That is users in old system can login into cf with credentials in old sytem.

Thanks a lot
------------------
Jamee

James Bayer

unread,
Jan 13, 2015, 10:56:45 AM1/13/15
to vcap...@cloudfoundry.org
this should be possible possible by implementing a Login Server endpoints and configuring the UAA to use your Login Server. the Login Server code was recently merged back into the UAA, but the endpoints are still there. i think this was discussed somewhat recently. you can see that the spring profiles determine where the account information comes from [1]. so you could look through that code to see the steps and ask sree/filip and others on the team what they'd recommend.

--
You received this message because you are subscribed to the Google Groups "Cloud Foundry Developers" group.
To view this discussion on the web visit https://groups.google.com/a/cloudfoundry.org/d/msgid/vcap-dev/01e676a2-c343-483d-b43b-cc02dbd34598%40cloudfoundry.org.

To unsubscribe from this group and stop receiving emails from it, send an email to vcap-dev+u...@cloudfoundry.org.



--
Thank you,

James Bayer

Jamee

unread,
Mar 2, 2015, 2:23:52 AM3/2/15
to vcap...@cloudfoundry.org
this should be possible possible by implementing a Login Server endpoints and configuring the UAA to use your Login Server.

Did you mean configuring the login as a client in uaa.yml? like following:
login:
id: login
override: true
secret: "loginsecret"
authorized-grant-types: authorization_code,client_credentials,refresh_token
authorities: oauth.login,notifications.write,critical_notifications.write,emails.write
scope: openid,oauth.approvals
redirect-uri: http://login.cf.com"
and login through login.cf.com? login server will get token from backend uaa?
the user account will both in old account system and uaa?
when login to cf, authorized by old account system and uaa?
when create/update user account, need to create/update them both?

If there is an example, that will be great helpful.

Sorry for late reply because of network problem.
----------
Thanks!
Jamee

在 2015年1月13日星期二 UTC+8下午11:56:45,jbayer写道:
Reply all
Reply to author
Forward
0 new messages