hi
I am using Spring security 2.0.5 in my current project.
Can anybody please suggest me on how to get the count of currently logged in users to application.
I found a solution in forums for Security 3.0 using ConcurrentSessionControlStrategy but since it is not in 2.0.5, and it is not feasible for me to currently advance to 3.0
It is mentioned in a post in 'stack Overflow' to use ConcurrentSessionControllerImpl for the same.But I couldn't get the actual implementation of the same.
Thanks in Advance,
Mayank
Simply declare a bean of class SessionRegistryImpl and inject it in your bean and use its getAllPrincipals method.
Related
I'm using shiro in my grails app for authentication and authorization. Out corporate architecture uses a separate LDAP server for each country we have offices in. Its a lot. I'm trying to set a cookie from with in the shiro realm code that I can check on the next login. I've tried the grails cookie plugin but apparently can't get the injection to work into the realm code.
Has anyone gotten something similar to work, if so any hints?
It helps if I put the injection in the right place, outside the method.
Im trying to create a SP using SAML2, I see there is a good spring security extension for SAML, however the project that I'm working on does not have spring and I need to implement a SSO.
Reading at the extension documentation, seems that it can be use to no-spring projects, do you guys know if there are any code samples showing how to integrate both?
Thanks in advance...
there's an excellent blog (http://blog.samlsecurity.com/) which deals with Java and OpenSAML which i've used as a resource for much of my IdP implementation to test SAML/Spring (when using for the ServiceProvider)
Does anyone over here has experience integrating TAM with Grails spring security for single sign on. If so can you help me get a quick start or point to any tutorials.
Thanks
You would probably want to use Spring Security's pre authentication feature and examine the header sent from TAM. To do so you would write your own authentication provider which is really simple and just looks for the header. See this for some more information
I am trying to implement my own AuthenticationProvider in a grails project.
I am using the grails spring security core plugin.
However, I am having problem understanding how would I get the password from my grails domain class and compare it with the password passed in the argument in order to do the authentication.
Any help would be greatly appreciated.
Thank you.
I did a talk and blog post that included an example of a custom provider here: http://burtbeckwith.com/blog/?p=1090
As I understand, you are trying to use your own "User" domain class, with username, password,... and so on. Actually, we don't need to override AuthenticationProvider to do that. You can simply override UserDetailsService instead. All the things SpringSecurity needs is that you provide it with a UserDetails, it will do the password comparison for you, by the hash algorithm you specified in configuration.
For more details, you can refer here.
If it's not like I understand, please add some more code (what you achieve currently). A bit of code may help clear things out a lot.
I mean need different:
Login URL
Login out url
session time url
authentication provider
error page
css
for different entry point.
Is this possible?
From 3.1.0 (which is currently beta) it will support multiple <http> elements in the namespace.
So short answer:
In 3.1.x yes.
In 3.0.5.RELEASE no.
Longer aswer:
Here is additional info, check the links in the comments also.
I had a similar problem once, since I had multiple entry points.
A good way IMO would be to make a new login page which decides which login page to redirect to or even calls the logic of the other entry points. Then you can point spring to the new page.
I'm pretty sure this can be done inside the filter chain, but I wouldn't recommend it since you will need a lot of manual coding and bean definitions. Generally I don't think 3.0.5 was designed for multiple entry points.
With multiple <http../> elements, you can achieve most of what you want but the authentication manager is going to be common and that means authentication providers are going to be common. See the issue faced by #David Parks in the post Spring Security 3.1.0.RC1: With multiple elements why can I only register one authentication manager?.
You can see my answers to similar questions such as Configuring Spring Security 3.x to have multiple entry points and Authenticate user using external webservice in grails to develop custom code to execute entry point specific authentication providers. This can be implemented in 3.0.5 as well.
You can implement solution in 3.0.5 without multiple <http../> elements but you will be need to develop custom code to handle logout and error pages.
There is org.springframework.security.web.authentication.DelegatingAuthenticationEntryPoint
since 3.0.2.
It might help.