Hey,
I see that shiro supports single sign on. We have multiple apps using shiro and would like to log into one and then link to the others from there without the need of logging into the others.
Has anyone done this with Grails and the Shiro plugin??? Is it even possible??? Thanks!
|
Hi John,
Dunno how relevant this is to your question, but we've used the Grails CAS client plugin to implement SSO over several Grails apps (and a legacy PHP one), just as you describe (i.e. log into one, you can then get into them all without logging in again). Fiddly to set up in places, but once it's up and running, it's fairly workable.
HTH Dave
On 30 November 2010 10:39, John Rellis <[hidden email]> wrote: Hey, -- Technical Lead/Architect Historic Futures Ltd. |
Hey Dave,
Thanks. I'll take note of this and have a look. Sounds sweet that you got it working with non Grails apps too!!!! Floor still open??? :) Anyone tried it in shiro??
Thanks again all! John
On Tue, Nov 30, 2010 at 11:00 AM, Dave Crane <[hidden email]> wrote: Hi John, -- John Rellis @johnrellis |
In reply to this post by johnrellis
> I see that shiro supports single sign on.
> We have multiple apps using shiro and would like to log into one and then > link to the others from there without the need of logging into the others. > Has anyone done this with Grails and the Shiro plugin??? Is it even > possible??? The standard approach for doing this is to use Shiro's native sessions, which are implemented via an EhCache distributed cache. Whether this approach works for you depends on whether all your applications are hosted in the same container or at least reference the same distributed cache. You can also use alternative cache implementations, but then you have to provide your own SessionDAO implementation. I don't think there is a CAS realm available at the moment, but it may not be too hard to write one. Peter -- Peter Ledbrook Grails Advocate SpringSource - A Division of VMware --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email |
Ok... great Peter, thanks for the clarification.
I am pushing to NOT have multiple apps in the same container so I may have to keep this quiet.... :) I have never looked at distributed caches though, sounds like a pretty tasty solution! I will discuss these options with my colleagues, thanks again Peter and Dave, I now have a bit more to go on.
On Tue, Nov 30, 2010 at 1:03 PM, Peter Ledbrook <[hidden email]> wrote:
-- John Rellis @johnrellis |
In reply to this post by pledbrook
We are in the process of trying to implement just this using SAML so any discussion on this topic would be welcome. We are a shiro user in multi tenant and trying to implement multiple types of SSO but in our case it is external SSO into our application.
Scott Ryan On Nov 30, 2010, at 6:03 AM, Peter Ledbrook wrote: >> I see that shiro supports single sign on. >> We have multiple apps using shiro and would like to log into one and then >> link to the others from there without the need of logging into the others. >> Has anyone done this with Grails and the Shiro plugin??? Is it even >> possible??? > > The standard approach for doing this is to use Shiro's native > sessions, which are implemented via an EhCache distributed cache. > Whether this approach works for you depends on whether all your > applications are hosted in the same container or at least reference > the same distributed cache. > > You can also use alternative cache implementations, but then you have > to provide your own SessionDAO implementation. > > I don't think there is a CAS realm available at the moment, but it may > not be too hard to write one. > > Peter > > -- > Peter Ledbrook > Grails Advocate > SpringSource - A Division of VMware > > --------------------------------------------------------------------- > To unsubscribe from this list, please visit: > > http://xircles.codehaus.org/manage_email > > --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email |
In reply to this post by johnrellis
Hi,
we implemented https://neon1.net/mod_auth_pubtkt/ in Java with an LDAP-Backend. Additionally we started to develop a Grails-Shiro-Plugin for this kind of SSO. - Moritz Am Tuesday den 30. November 2010 schrieb John Rellis: > Hey, > > I see that shiro supports single sign on. > > We have multiple apps using shiro and would like to log into one and then > link to the others from there without the need of logging into the others. > > Has anyone done this with Grails and the Shiro plugin??? Is it even > possible??? > > Thanks! > John > -- Wissen ist das einzige Gut, das sich vermehrt, wenn man es teilt. -- http://www.lagerkochbuch.ch --------------------------------------------------------------------- To unsubscribe from this list, please visit: http://xircles.codehaus.org/manage_email |
Wow great... thanks, will take a look when I can later :)
On Thu, Dec 2, 2010 at 2:27 PM, Moritz Kobel <[hidden email]> wrote: Hi, -- John Rellis @johnrellis |
Hi All,
I've recently migrated to apache shiro security and have been using the dbRealm so far. Now, I am planning to implement cas SSO using Shiro. Part of this, I've started off with grails create-cas-realm which did generate a casRealm for me. But then, I've got no clue on how to proceed further. I've been referring to http://shiro.apache.org/cas.html and trying to connect the shiro.ini with the generated casRealm. No luck yet!! Anybody implemented CAS SSO using Shiro and Grails? Thanks in advance. |
Free forum by Nabble | Edit this page |