Jérôme Leleu (JIRA) | 1 Jul 2012 14:38

[jira] [Created] (SHIRO-373) Complete CAS remember-me support

Jérôme Leleu created SHIRO-373:
----------------------------------

             Summary: Complete CAS remember-me support
                 Key: SHIRO-373
                 URL: https://issues.apache.org/jira/browse/SHIRO-373
             Project: Shiro
          Issue Type: Bug
            Reporter: Jérôme Leleu

I was preparing a demo on CAS support for Shiro: https://github.com/leleuj/cas-shiro-demo and I did
realize the remember-me feature is not fully addressed.

One use case is missing: if the user is already remembered (by CAS) and wants to be authenticated, it should be
redirected to CAS server with a specific parameter (renew=true) to force CAS re-authentication.
For this use case, I created a CasAuthenticatedUserFilter which checks if the user is authenticated (not
remembered) and sends him to the CAS server if he's not (with the specific parameter to force
re-authentication if he's already remembered).

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators: https://issues.apache.org/jira/secure/ContactAdministrators!default.jspa
For more information on JIRA, see: http://www.atlassian.com/software/jira

Jérôme Leleu (JIRA) | 1 Jul 2012 14:40

[jira] [Updated] (SHIRO-373) Complete CAS remember-me support


     [
https://issues.apache.org/jira/browse/SHIRO-373?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]

Jérôme Leleu updated SHIRO-373:
-------------------------------

    Attachment: svn-CasAuthenticatedUserFilter.patch

> Complete CAS remember-me support
> --------------------------------
>
>                 Key: SHIRO-373
>                 URL: https://issues.apache.org/jira/browse/SHIRO-373
>             Project: Shiro
>          Issue Type: Bug
>            Reporter: Jérôme Leleu
>         Attachments: svn-CasAuthenticatedUserFilter.patch
>
>
> I was preparing a demo on CAS support for Shiro: https://github.com/leleuj/cas-shiro-demo and I did
> realize the remember-me feature is not fully addressed.
> One use case is missing: if the user is already remembered (by CAS) and wants to be authenticated, it should
> be redirected to CAS server with a specific parameter (renew=true) to force CAS re-authentication.
> For this use case, I created a CasAuthenticatedUserFilter which checks if the user is authenticated (not
> remembered) and sends him to the CAS server if he's not (with the specific parameter to force
> re-authentication if he's already remembered).


jleleu | 1 Jul 2012 14:43

Complete CAS remember-me support

Hi Les,

I was preparing a demo on CAS support for Shiro:
https://github.com/leleuj/cas-shiro-demo and I did realize the remember-me
feature is not fully addressed.

One use case is missing: if the user is already remembered (by CAS) and
wants to be authenticated, it should be redirected to CAS server with a
specific parameter (renew=true) to force CAS re-authentication.
For this use case, I created a CasAuthenticatedUserFilter which checks if
the user is authenticated (not remembered) and sends him to the CAS server
if he's not (with the specific parameter to force re-authentication if he's
already remembered).

I created a JIRA SHIRO-373 and attached the SVN patch.

I'm waiting for your feedback.

Thanks.
Best regards,
Jérôme

--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498.html
Sent from the Shiro Developer mailing list archive at Nabble.com.
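
The check described in the message above, sketched as an added example; it is not the attached svn-CasAuthenticatedUserFilter.patch and not Shiro's own code. The class name RenewOnRememberedFilter, its two URL properties and their example.org values are assumptions; the Shiro calls come from AccessControlFilter, Subject and WebUtils.

```java
import java.io.UnsupportedEncodingException;
import java.net.URLEncoder;
import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.AccessControlFilter;
import org.apache.shiro.web.util.WebUtils;

/** Hypothetical filter: demands a real login and does not accept remember-me. */
public class RenewOnRememberedFilter extends AccessControlFilter {

    // Assumed deployment values (placeholders); inject the real ones via setters.
    private String casLoginUrl = "https://cas.example.org/cas/login";
    private String serviceUrl = "https://app.example.org/shiro-cas";

    public void setCasLoginUrl(String casLoginUrl) { this.casLoginUrl = casLoginUrl; }
    public void setServiceUrl(String serviceUrl) { this.serviceUrl = serviceUrl; }

    @Override
    protected boolean isAccessAllowed(ServletRequest request, ServletResponse response,
                                      Object mappedValue) {
        // Shiro reports a remembered subject as NOT authenticated, so a
        // remember-me identity alone never passes this check.
        return getSubject(request, response).isAuthenticated();
    }

    @Override
    protected boolean onAccessDenied(ServletRequest request, ServletResponse response)
            throws Exception {
        Subject subject = getSubject(request, response);
        saveRequest(request); // lets the user return to this page after the CAS login
        WebUtils.issueRedirect(request, response, buildRedirectUrl(subject.isRemembered()));
        return false; // stop the chain, the redirect has been sent
    }

    /** CAS login URL; renew=true makes the CAS server ask for credentials again. */
    String buildRedirectUrl(boolean remembered) throws UnsupportedEncodingException {
        StringBuilder url = new StringBuilder(casLoginUrl)
                .append("?service=").append(URLEncoder.encode(serviceUrl, "UTF-8"));
        if (remembered) {
            // Without renew, CAS could silently reuse the remembered SSO session
            // and the subject would come back remembered again.
            url.append("&renew=true");
        }
        return url.toString();
    }
}
```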

Jérôme Leleu (JIRA) | 1 Jul 2012 14:45

[jira] [Commented] (SHIRO-373) Complete CAS remember-me support


    [
https://issues.apache.org/jira/browse/SHIRO-373?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13404720#comment-13404720
] 

Jérôme Leleu commented on SHIRO-373:
------------------------------------

I started a discussion on the Shiro dev mailing list here: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-td7577498.html.

                
> Complete CAS remember-me support
> --------------------------------
>
>                 Key: SHIRO-373
>                 URL: https://issues.apache.org/jira/browse/SHIRO-373
>             Project: Shiro
>          Issue Type: Bug
>            Reporter: Jérôme Leleu
>         Attachments: svn-CasAuthenticatedUserFilter.patch
>
>
> I was preparing a demo on CAS support for Shiro: https://github.com/leleuj/cas-shiro-demo and I did
> realize the remember-me feature is not fully addressed.
> One use case is missing: if the user is already remembered (by CAS) and wants to be authenticated, it should
> be redirected to CAS server with a specific parameter (renew=true) to force CAS re-authentication.
> For this use case, I created a CasAuthenticatedUserFilter which checks if the user is authenticated (not
> remembered) and sends him to the CAS server if he's not (with the specific parameter to force
> re-authentication if he's already remembered).


jleleu | 8 Jul 2012 14:31

Re: Add OAuth support for Shiro

Hi,

Did you get some time to look at my OAuth client module for Shiro?

I am very excited about your feedback and adding OAuth support in Shiro.

Just let me know if I can ease your code review by any means.

Best regards,
Jérôme

--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Add-OAuth-support-for-Shiro-tp7240738p7577500.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

jleleu | 8 Jul 2012 14:55

Re: Complete CAS remember-me support

Hi,

I don't know if you have been able to take a look at this also.

Maybe it could help if I moved my public CAS demo from github to samples in
Shiro...

Best regards,
Jérôme

--
View this message in context: http://shiro-developer.582600.n2.nabble.com/Complete-CAS-remember-me-support-tp7577498p7577501.html
Sent from the Shiro Developer mailing list archive at Nabble.com.

Romain Manni-Bucau (JIRA) | 9 Jul 2012 08:56

[jira] [Commented] (SHIRO-372) provide some integration with wss4j


    [
https://issues.apache.org/jira/browse/SHIRO-372?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13409225#comment-13409225
] 

Romain Manni-Bucau commented on SHIRO-372:
------------------------------------------

The shiro validator proposed in the zip needs the clear password on the server side. To avoid it, the
following implementation is fine:

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.UsernamePasswordToken;
import org.apache.shiro.subject.Subject;
import org.apache.ws.security.WSSecurityException;
import org.apache.ws.security.handler.RequestData;
import org.apache.ws.security.message.token.UsernameToken;
import org.apache.ws.security.validate.UsernameTokenValidator;

public class ShiroValidator extends UsernameTokenValidator {
    @Override
    protected void verifyPlaintextPassword(final UsernameToken usernameToken, RequestData data)
            throws WSSecurityException {
        final Subject subject = SecurityUtils.getSubject();
        try {
            // Hand the submitted credentials to Shiro for verification, then drop the session.
            login(subject, usernameToken.getName(), usernameToken.getPassword());
            logout(subject);
        } catch (AuthenticationException ae) {
            throw new WSSecurityException("can't log '" + usernameToken.getName() + "'");

Thibault TIGEON | 9 Jul 2012 09:30

CDI and WSS4J integration

I think that both integrations are a real and recurrent need in business.

Do you think that both JIRAs will be integrated into the next release?
https://issues.apache.org/jira/browse/SHIRO-337
https://issues.apache.org/jira/browse/SHIRO-372

Indeed, we use CDI and WSS4J in the SOAP WS development on a daily basis.

Regards,

Thibault
Les Hazlewood | 9 Jul 2012 18:09

1.2.1 Release

Hi folks,

Unless anyone makes any objections, I'd like to make an effort to
create a bug-fix release (1.2.1) sometime this week.  I'll start the
process probably on Wednesday as I'll be busy before then.

If anyone has any thoughts on this, please let me know, otherwise,
I'll start the process as soon as I can.

Thanks,

--
Les Hazlewood | @lhazlewood
CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk

Jared Bunting | 9 Jul 2012 18:15

Re: 1.2.1 Release

Do we have a list of targeted fixes?  Or just what's currently on the 
maintenance branch?  Should we go through minor fixes that are just in 
trunk and attempt to backport them?  (I don't have anything in mind, 
I'd have to look a bit...just seems if we're going to do a bug-fix 
release, we should fix as much as we can.)

Thanks,
Jared

On Mon 09 Jul 2012 11:09:42 AM CDT, Les Hazlewood wrote:
> Hi folks,
>
> Unless anyone makes any objections, I'd like to make an effort to
> create a bug-fix release (1.2.1) sometime this week.  I'll start the
> process probably on Wednesday as I'll be busy before then.
>
> If anyone has any thoughts on this, please let me know, otherwise,
> I'll start the process as soon as I can.
>
> Thanks,
>
> --
> Les Hazlewood | @lhazlewood
> CTO, Stormpath | http://stormpath.com | @goStormpath | 888.391.5282
> Stormpath wins GigaOM Structure Launchpad Award! http://bit.ly/MvZkMk

