acegi security login without manual password entering
Question
We used form based acegi security login in our application. But now we want to pass login and password information from another application, so opening of our application must be transparent for the user (without requesting to enter name and password, while valid name and password already specified and known). Unfortunately this seems to be hard or messy task. Searched internet and this site but still have no clear understanding how such procedure can be accomplished. Ideal would be a possibility to pass name and password in URL while open application, but can't see if acegi security provides such way of login at all. Maybe some other ways present? We need to open java interface from php based web site.
thanks.
1 answers
solution1
1 2013-03-27 21:03:48
What you're looking for is a singl-sign on framework of which Spring Security (formerly Acegi) is not. Generally how this is accomplished using such a framework is that you intercept a call to a protected resource. If a certain token isn't present you redirect them to a single-sign on page where they enter their credentials. If they're authenticated the token is passed around and that is what is checked to make sure the user is authenticated. you can use Spring Security to integrate with a single-sign on solution but it can't operate as one.
What youre looking for is something like http://www.jasig.org/cas or Crowd from Atlassian.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.