Waffle + spring security Mixed authentication

Arnaud MERGEY

unread,

Sep 1, 2020, 12:25:28 PM9/1/20

to waffle

Hello,

Currently we use tomcat mixed sso/form authentication valve 'like this https://code.dblock.org/2010/05/27/tomcat-single-sign-on-mixed-with-form-authentication-w-waffle.html).

We are migrating to spring security and it seems we lost this feature.

Is there a way to configure spring security with waffle to be able to perform mixed negociate or form authentication ?

If not are there any plans ? or it is not there because of some technical issues ? is it worth trying to propose a contribution for this ?

Thanks,

Arnaud

Daniel D.

unread,

Sep 1, 2020, 12:54:16 PM9/1/20

to waffle...@googlegroups.com

I believe this was for lack of trying, so if you can make it work, definitely PR it.

--
You received this message because you are subscribed to the Google Groups "waffle" group.
To unsubscribe from this group and stop receiving emails from it, send an email to waffle-users...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/waffle-users/8752073d-aaec-4f2f-9d28-5de5a3334030n%40googlegroups.com.

--

dB. | Moscow - Geneva - Seattle - New York
code.dblock.org - t:@dblockdotorg - ig:@artdblockdotorg - github/dblock

Arnaud MERGEY

unread,

Sep 15, 2020, 10:02:41 AM9/15/20

to waffle

Hello,

After spending more time on this. I manage to make things work (without having anything to code).

To summarize, what I did was to :

Add to my spring security configuration a dedicated spring-security entry point to enable waffle negociate authentication (the configuration of the entry point follows what is described in waffle documentation)

<security:http pattern="/waffle" entry-point-ref="negotiateSecurityFilterEntryPoint">

<security:intercept-url pattern="/**" access="isAuthenticated()" />

<security:custom-filter ref="waffleNegotiateSecurityFilter" position="BASIC_AUTH_FILTER" />

</security:http>

Add a link "waffle sso" to ma custom login page redirecting to /waffle url

That's all I needed to do, and it seems to work so far, I can either click on the link to trigger waffle entry point which authenticate me using OS credentials, otherwise if I set a user/password in the login form it uses "regular" spring-security configuration I have defined for global entry point.

Arnaud

Daniel D.

unread,

Sep 15, 2020, 10:45:07 AM9/15/20

to waffle...@googlegroups.com

You should contribute a doc/FAQ, please.

--
You received this message because you are subscribed to the Google Groups "waffle" group.
To unsubscribe from this group and stop receiving emails from it, send an email to waffle-users...@googlegroups.com.

To view this discussion on the web visit https://groups.google.com/d/msgid/waffle-users/1f4ffcec-707a-4d5e-9fe5-ccf6fb4ad4efn%40googlegroups.com.

Yasin As

unread,

Mar 12, 2021, 2:42:42 AM3/12/21

to waffle

Hello,

are there any java examples for the Waffle + spring security Mixed authentication. Or how can i rewrite this xml code you mentioned in Java?