i tried to implement SSO with pentaho based on this example: http://blog.datamensional.com/2011/07/pentaho-sso-setup-using-cas-and-ldap/ but i have some issues. i am using pentaho 4 and i want to change authentication datasource to mysql tables and tell pentaho to use them for authentication
Have you checked here:
http://infocenter.pentaho.com/help/topic/security_guide/task_auth_cas_sso.html?resultof=%22%73%73%6f%22%20
Or just search for "sso" on infocenter..
Related
We want to retrieve data from neo4j database using REST API from SharePoint page. Is there any authentication required for that like any tokens ? am new to neo4j world.
Thanks in advance.
Yes, you would generally want to ensure that your neo4j server has authentication enabled. Here is the dev manual section covering authentication and authorization.
We are using version 2.0 of tyk.io, and we wanted to know if there is a way to customize the tyk.io dashboard ui to use a custom authentication method such as Oauth2?
To clarify - Do you mean using OAuth for controlling access to the tyk dashboard itself?
If so, take a look at Tyk Identity Broker - that should do the trick. https://tyk.io/tyk-documentation/concepts/tyk-components-2/identity-broker/
I am new to Spring world and with the help of lots of information available online, I have pretty much developed Spring MVC Application I am working on currently.
Last piece I have to implement is to integrate OAM SSO in my application to use as authentication.
I searched a lot on web but couldn't find single example of implementing third party Authentication provider.
I finally realized that I have to use PreAuthentication but I am not sure how I would implement it.
I am unable to share my code because any thing I tried until now is not working and I feel that I haven't got right path yet.
Any help would be much appreciated.
To give you brief idea about OAM, OAM authenticates user ID and Passwords and sends you authenticated requests with a cookied, OBSSOCookie. Using this cookies, you need to contact OAM and get User ID and password and also User Roles (Authorities). Any request coming to your application is already authenticated so you do not need to authenticate again. all you need to do is, using this cookie, need to retrieve user Authorities.
For Spring MVC, you could use the spring-webmvc-pac4j security library, instead of Spring Security. Use a CookieClient to deal with the OBSSOCookie and create your own Authenticator to check this cookie against OAM.
I'am looking at the capabilities of WIF in terms of SSO. Actually we have a "legacy" users & rights management database under SQLServer and we like to build a brand new SSO system on top of this exsting database.
In many tutorials I found they talk about using existing STS like ADFSv2 for Active Directory authorization, but It did not fit my needs because my users/rights are not exposed through AD but in a custom a specific business oriented SQL Server database.
So, I thing I need a custom Security Token Service in order to be able to emit my own custom tokens, but I don't know how to do this.
I need some little help or an example about how to achieve this.
Thank you
You can find STS example in WIF SDK. It contain an example with custom token. Look here
More detail information about SSO I seen in a book 'Programming Windows Identity Foundation'
You can build your own Custom Security Token Service leveraging the underneath SQL Server database. You will have to define your scopes and Claims that needs to be shared after user does a Single Sign On. Here are some links to some articles below that has helped me build mine. I am pretty sure by following the below links you will be able to build a custom STS catering to your needs.
WIF : http://chris.59north.com/post/Building-a-simple-custom-STS-using-VS2012-ASPNET-MVC
http://www.primaryobjects.com/2013/08/08/using-single-sign-on-with-windows-identity-foundation-in-mvc-net/
Care to explain why #paullem's answer was deleted?
It is in fact the correct answer!
The question is about an STS that authenticates using a SQL DB. That is EXACTLY what IdentityServer does.
Since it's open source, you can customize it any way you want or else use it as a guide.
So to repeat the answer - "Take a look at Thinktecture.IdentityServer........".
Update
You want a custom STS that supports SAML protocol and authenticates against a SQL DB?
WIF won't do this for you.
You need to look at something like Shibboleth or simpleSAMLphp but they are not .NET based.
Or take IdentityServer and add a SAML stack to it.
Refer: SAML : SAML connectivity / toolkit.
Be warned: This is not a trivial exercise!
I have an old grails application (ex. one-app) that has springSecurity for logins. I created a new grails app (two-app) that uses multiple databases (the DB from one-app and a new one). I am deploying both using tomcat
ip.addr.10.10/one-app
ip.addr.10.10/two-app
My question is: I want to have access to both applications by logging in only once. Basically if the user logs in on either application, he would also have access to the other application without logging in again.
Is this possible? Thanks.
Yes, it is possible. You need to use SSO. Currently I use JOSSO for my grails applications (http://www.josso.org) combined with Spring Security.
You can configure RememberMe with exactly same configuration for both apps. After user login into any of application, Spring Security will setup special cookie, that can be reused from other app (mean athorized in another app as well).
See docs for Remember Me - http://grails-plugins.github.com/grails-spring-security-core/docs/manual/guide/9%20Authentication.html#9.3%20Remember-Me%20Cookie
A 3rd option would be to use the same OpenID provider for both applications.
One other approach would be drop Cookies which can be read by both the applications.