Spring Security Core - Multiple Login Sources

Hi,

I'm trying to figure out how to allow for multiple login sources in my web-app. I think this might be very simple, I've been scratching my head over the documentation for a while.

I need to have a normal login (e.g. webapp.com/login) with my database. I also need to allow for users to log in with CAS, OpenID and others. Now the question is how do I do it simultaneously? I am able to do each one separately.

Further, say we have actually multiple external CAS servers each from different organizations, how would I configure it so that users can login accessing their own CAS? Is it possible to add multiple CAS Authentication providers?

How?

Thank you so much in advance! I've been struggling with this question for a while.

Best regards,

I Have been looking through the authentication provider interface, but I don't know how to do it.

daninus14 wrote

Hi,

I'm trying to figure out how to allow for multiple login sources in my web-app. I think this might be very simple, I've been scratching my head over the documentation for a while.

I need to have a normal login (e.g. webapp.com/login) with my database. I also need to allow for users to log in with CAS, OpenID and others. Now the question is how do I do it simultaneously? I am able to do each one separately.

Further, say we have actually multiple external CAS servers each from different organizations, how would I configure it so that users can login accessing their own CAS? Is it possible to add multiple CAS Authentication providers?

How?

Thank you so much in advance! I've been struggling with this question for a while.

Best regards,

The authentication providers are the hooks that perform the authentication for a particular set of credentials.  Authentication providers are used with your ProviderManager, which is in turn used by other pieces of the system when authentication needs to take place.  Multiple authentication providers can be used to support a flexible system, but you have to wire the beans together in the configuration.

For Grails, you can configure them in your resources.xml/groovy, and then declarae them in Config.groovy:

http://burtbeckwith.github.com/grails-spring-security-core/docs/manual/guide/10%20Authentication%20Providers.html

Here is the provider manager documentation
http://static.springsource.org/spring-security/site/docs/3.1.x/reference/core-services.html#core-services-authentication-manager

Presumably the grails config definition populates a provider manager for you, so you just need to identify your authentication provider.

I haven't done anything above and beyond username and passwords, which are easily interchanged as authentication providers (e.g. swapping from a DB backed authentication provider to an LDAP backed authentication provider). 

Since you are looking at CAS, I would recommend looking at the CAS documentation.  Perhaps start with the basics - simple username/password database authentication provider, and then add CAS once you have that working.

Al