basicAuthentication with LDAP


Romain Joachim

Feb 28, 2014, 4:25:45 AM
to membrane...@googlegroups.com
Hello,

We want to protect our web services through membrane with a basic HTTP authentication that would check users/passwords in LDAP.
The problem is that the basicAuthentication uses a static user/password list in the proxy config file.

It looks like the Login interceptor is close to what we want except the token part.
Is there a way to disable the token part of the Login interceptor (skipping steps 5, 6 and 7)?

The login interceptor realizes the login workflow. If all information entered by the user is valid, the workflow is as follows:

  • The unauthenticated user is redirected to a login dialog.
  • The user enters her username and password. (Step 1.)
  • (A numeric token is sent to the user via text message, in case the telekomSMSTokenProvider is used. Steps 5 and 6.)
  • The user enters her token. (Step 7.)
  • The user is redirected to the originally requested URL (or a generic URL, in case the login dialog was directly requested). (Step 8.)

Thanks for your help.

Regards,


Romain Joachim

Thomas Bayer

Feb 28, 2014, 4:53:02 AM
to membrane...@googlegroups.com
Hi Romain,
I think it is possible to use the Login interceptor without the tokens. My coworker who developed the feature is on vacation till the end of next week. Then he may give you a sample configuration. Hope that is not too late.

--
Thomas

Romain Joachim

Mar 3, 2014, 9:36:07 AM
to membrane...@googlegroups.com
Hi,

Thanks for your answer, it's fine for us.
During that time I started to create my own interceptor with the example provided in the custom-interceptor folder.
I have just a little problem defining child elements in my interceptor.
I would like to do it like in the basicAuthentication interceptor, with user child elements.
Is it possible to do so?

Regards,

Romain Joachim

Tobias Polley

Mar 8, 2014, 5:26:13 AM
to membrane...@googlegroups.com
Hi Romain,

I converted your first email into GitHub issues. Neither is major, but I currently cannot commit to any schedule.

https://github.com/membrane/service-proxy/issues/146
https://github.com/membrane/service-proxy/issues/147

But reading your second email I think you are already past that point anyways. So regarding custom language extensions:

Yes, it is possible to use the @MC* annotations for an easy way of extending the Membrane/Spring XML configuration language.

Basically, you have to

1. create your own project, preferably using Maven.
2. add a dependency on service-proxy-annot and service-proxy-core
3. use the @MC* annotations in your code:
3a. one @MCMain annotation
3b. and as many @MCElement/@MCAttribute annotations as you like
4. activate the annotation processor
com.predic8.membrane.annot.SpringConfigurationXSDGeneratingAnnotationProcessor
in your compiler.
5. add META-INF/spring.handlers and META-INF/spring.schemas as resource files
6. implement a NamespaceHandler class for your new namespace (copy https://github.com/membrane/service-proxy/blob/master/war/src/main/java/com/predic8/membrane/servlet/config/spring/NamespaceHandler.java to your own java package).


Effectively you have to create your own namespace for the new Spring configuration elements you are about to define.
You need to:
A. Choose a namespace URI.
B. Choose a Java package for the parser classes. (Some autogenerated, some not.)
C. Choose a file name for the autogenerated XML Schema file. (will be put into the same java package)
D. (Possibly, if you want to make use of an XML editor) Upload the autogenerated XML schema file to some URL where your XML editor can retrieve it.

Then you write (step 3a)
@MCMain(
        outputPackage="B",
        outputName="C",
        targetNamespace="A")
in the one place where your @MCMain is. (@MCMain just contains meta-information and activates the @MC... processing. Which class is annotated with @MCMain does not matter: Just use it once in your project.)
Declare your interceptor (step 3b), for example
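import com.predic8.membrane.annot.MCAttribute;
import com.predic8.membrane.annot.MCElement;
import com.predic8.membrane.core.interceptor.AbstractInterceptor;
import org.springframework.beans.factory.annotation.Required;

// Becomes the <my:myInterceptor> element in the new namespace
@MCElement(name="myInterceptor", configPackage="B")
public class MyInterceptor extends AbstractInterceptor {
  private String foo;
  public String getFoo() { return foo; }
  @Required
  @MCAttribute  // exposed as the XML attribute foo="..."
  public void setFoo(String foo) { this.foo = foo; }
}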

Write (step 5) one line
A=B
into META-INF/spring.handlers (where ':' is escaped by a '\' in A) and one line
A=B/C
into META-INF/spring.schemas (where ':' is escaped by a '\' in A and where '.' is replaced by '/' within B).

Then package your project with dependencies and start Membrane using a Spring context using a config file like

<spring:beans xmlns="http://membrane-soa.org/proxies/1/"
    xmlns:spring="http://www.springframework.org/schema/beans"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
    xmlns:my="A"
    xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-3.0.xsd
                        http://membrane-soa.org/proxies/1/ http://membrane-soa.org/schemas/proxies-1.xsd
                        A D">
    <router>
        <serviceProxy port="2000">
       
            <my:myInterceptor foo="somevalue" />

            <target host="www.predic8.de" />
        </serviceProxy>
    </router>
</spring:beans>

(Simply drop the "A D" line if you chose not to do D.)


All this is done by service-proxy-war, which I suggest you have a look at. In this case,
A = http://membrane-soa.org/war/1/
B = com.predic8.membrane.servlet.config.spring
C = router-conf.xsd
D = http://membrane-soa.org/schemas/war-1.xsd

The service-proxy-war source code can be found at
https://github.com/membrane/service-proxy/tree/master/war .


As we plan to write a tutorial for exactly this case, I'd be happy to talk you through any problems you run into. Unfortunately, we haven't started the tutorial yet - but now I'll use this email as a template. ;)

Best, Tobias
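
The thread's original goal was to check HTTP Basic credentials against LDAP from a custom interceptor. The following is an added example (not code from the posts or from the Membrane project) of that credential check, written with plain JNDI so it assumes nothing about Membrane's interceptor API. The class name, LDAP URL, base DN and the `uid=` naming attribute are assumptions.

```java
import java.nio.charset.StandardCharsets;
import java.util.Base64;
import java.util.Hashtable;
import javax.naming.Context;
import javax.naming.NamingException;
import javax.naming.directory.InitialDirContext;
import javax.naming.ldap.Rdn;

public class LdapBasicAuthCheck {
    // Assumed values: replace with your directory's URL and user subtree.
    private static final String LDAP_URL = "ldaps://ldap.example.com:636";
    private static final String USER_BASE = "ou=people,dc=example,dc=com";

    /** Returns the user name after a successful bind, or null if rejected. */
    public static String authenticate(String authorizationHeader) {
        String[] cred = parseBasic(authorizationHeader);
        // An empty password turns a simple bind into an unauthenticated bind,
        // which many servers accept, so reject it before contacting LDAP.
        if (cred == null || cred[0].isEmpty() || cred[1].isEmpty()) return null;
        // Rdn.escapeValue applies RFC 2253 escaping so the name cannot alter the DN.
        String dn = "uid=" + Rdn.escapeValue(cred[0]) + "," + USER_BASE;
        Hashtable<String, String> env = new Hashtable<>();
        env.put(Context.INITIAL_CONTEXT_FACTORY, "com.sun.jndi.ldap.LdapCtxFactory");
        env.put(Context.PROVIDER_URL, LDAP_URL);
        env.put(Context.SECURITY_AUTHENTICATION, "simple");
        env.put(Context.SECURITY_PRINCIPAL, dn);
        env.put(Context.SECURITY_CREDENTIALS, cred[1]);
        try {
            new InitialDirContext(env).close();  // the bind itself is the password check
            return cred[0];
        } catch (NamingException e) {
            return null;  // wrong password, unknown user, or server unreachable
        }
    }

    /** Splits "Basic base64(user:password)" into {user, password}; null if malformed. */
    static String[] parseBasic(String header) {
        if (header == null || !header.regionMatches(true, 0, "Basic ", 0, 6)) return null;
        try {
            byte[] raw = Base64.getDecoder().decode(header.substring(6).trim());
            String decoded = new String(raw, StandardCharsets.UTF_8);
            int colon = decoded.indexOf(':');  // a password may itself contain ':'
            if (colon < 0) return null;
            return new String[] { decoded.substring(0, colon), decoded.substring(colon + 1) };
        } catch (IllegalArgumentException e) {
            return null;  // not valid Base64
        }
    }
}
```

A custom interceptor would pass the request's `Authorization` header to `authenticate` and answer with a 401 and a `WWW-Authenticate: Basic` challenge when it returns null.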