ideas for using facebook connect with the spring security plugin

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
11 messages Options
Reply | Threaded
Open this post in threaded view
|

ideas for using facebook connect with the spring security plugin

hanswesterbeek
Hi all,

I would like to get some feedback from you guys in coming up with an
approach to the following:

I have an application for which I would like users to be able to login
through 2 possibilities:
-1. through a regular login, fully handled by spring-security-core
-2. through facebook connect.

At this point, I have option 1 available. The rest of my application
code relies heavily on Spring Security for authorization.

So I need to add option 2.

Which steps should I take? Right now, I am thinking of developing a
grails plugin that extends spring security core to be able to handle
facebook logins. The spring-security-openid plugin could be a good
example. Furthermore, I should probably add some properties to my User
class to be able to store this user's facebook id. That way I can map
a Facebook User to my own domain's User.

Does that make sense?

Regards,
Hans

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

ideas for using facebook connect with the spring security plugin

hanswesterbeek
Hi all,

I would like to get some feedback from you guys in coming up with an
approach to the following:

I have an application for which I would like users to be able to login
through 2 possibilities:
-1. through a regular login, fully handled by spring-security-core
-2. through facebook connect.

At this point, I have option 1 available. The rest of my application
code relies heavily on Spring Security for authorization.

So I need to add option 2 and let it fit in nicely to the existing codebase.

Which steps should I take? Right now, I am thinking of developing a
grails plugin that extends spring security core to be able to handle
facebook logins. The spring-security-openid plugin could be a good
example. Furthermore, I should probably add some properties to my User
class to be able to store this user's facebook id. That way I can map
a Facebook User to my own domain's User.

Does that make sense?

Regards,
Hans

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

Patrick Schmidt
Hi Hans,

I had the same requirement. If you like, take a look at my solution:
https://github.com/pinut/grails-spring-security-facebook

Regards,
Patrick.

Am 24.02.2011 23:25, schrieb Hans Westerbeek:

> Hi all,
>
> I would like to get some feedback from you guys in coming up with an
> approach to the following:
>
> I have an application for which I would like users to be able to login
> through 2 possibilities:
> -1. through a regular login, fully handled by spring-security-core
> -2. through facebook connect.
>
> At this point, I have option 1 available. The rest of my application
> code relies heavily on Spring Security for authorization.
>
> So I need to add option 2 and let it fit in nicely to the existing codebase.
>
> Which steps should I take? Right now, I am thinking of developing a
> grails plugin that extends spring security core to be able to handle
> facebook logins. The spring-security-openid plugin could be a good
> example. Furthermore, I should probably add some properties to my User
> class to be able to store this user's facebook id. That way I can map
> a Facebook User to my own domain's User.
>
> Does that make sense?
>
> Regards,
> Hans
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>     http://xircles.codehaus.org/manage_email
>
>


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

hanswesterbeek
Patrick,

Thanks! I'll look into that for sure.

I noticed that Burt Beckwith is also working on this. He made these
posts to this list:
http://grails.1312388.n4.nabble.com/Facebook-Connect-Plug-in-tp1353092p1353096.html

He also already has a github repo for the plugin, it's just that it's
empty for now :)

Seems like we should really team up, or at least be well aware of each
others efforts :)

Cheers,
Hans

On Fri, Feb 25, 2011 at 1:43 PM, Patrick Schmidt <[hidden email]> wrote:

> Hi Hans,
>
> I had the same requirement. If you like, take a look at my solution:
> https://github.com/pinut/grails-spring-security-facebook
>
> Regards,
> Patrick.
>
> Am 24.02.2011 23:25, schrieb Hans Westerbeek:
>> Hi all,
>>
>> I would like to get some feedback from you guys in coming up with an
>> approach to the following:
>>
>> I have an application for which I would like users to be able to login
>> through 2 possibilities:
>> -1. through a regular login, fully handled by spring-security-core
>> -2. through facebook connect.
>>
>> At this point, I have option 1 available. The rest of my application
>> code relies heavily on Spring Security for authorization.
>>
>> So I need to add option 2 and let it fit in nicely to the existing codebase.
>>
>> Which steps should I take? Right now, I am thinking of developing a
>> grails plugin that extends spring security core to be able to handle
>> facebook logins. The spring-security-openid plugin could be a good
>> example. Furthermore, I should probably add some properties to my User
>> class to be able to store this user's facebook id. That way I can map
>> a Facebook User to my own domain's User.
>>
>> Does that make sense?
>>
>> Regards,
>> Hans
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>     http://xircles.codehaus.org/manage_email
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

scryan
In reply to this post by hanswesterbeek
I have developed a standalone plugin for integrating with Facebook and google to support federated logins as well as posting on walls etc.  It works with both spring security and shiro but I have not seen much demand for is with nimble and other solutions out there.  I will look at making the github repo public and finishing it up for publication to the plugin repo. in the meantime I would love to work with anyone that has interest in this area.

Scott Ryan

On Feb 24, 2011, at 3:25 PM, Hans Westerbeek wrote:

> Hi all,
>
> I would like to get some feedback from you guys in coming up with an
> approach to the following:
>
> I have an application for which I would like users to be able to login
> through 2 possibilities:
> -1. through a regular login, fully handled by spring-security-core
> -2. through facebook connect.
>
> At this point, I have option 1 available. The rest of my application
> code relies heavily on Spring Security for authorization.
>
> So I need to add option 2 and let it fit in nicely to the existing codebase.
>
> Which steps should I take? Right now, I am thinking of developing a
> grails plugin that extends spring security core to be able to handle
> facebook logins. The spring-security-openid plugin could be a good
> example. Furthermore, I should probably add some properties to my User
> class to be able to store this user's facebook id. That way I can map
> a Facebook User to my own domain's User.
>
> Does that make sense?
>
> Regards,
> Hans
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

hanswesterbeek
Scott,

For posting on walls you use the facebook graph API, correct? I have
seen that for that purpose there's yet another grails plugin available
:) https://github.com/chechu/grails-facebook-graph

Anyway, I think we need to concert our efforts to come up with a
high-quality (set of) plugins that is well maintained. Right now
efforts seems scattered across the community...

On Fri, Feb 25, 2011 at 3:42 PM, Scott Ryan <[hidden email]> wrote:

> I have developed a standalone plugin for integrating with Facebook and google to support federated logins as well as posting on walls etc.  It works with both spring security and shiro but I have not seen much demand for is with nimble and other solutions out there.  I will look at making the github repo public and finishing it up for publication to the plugin repo. in the meantime I would love to work with anyone that has interest in this area.
>
> Scott Ryan
>
> On Feb 24, 2011, at 3:25 PM, Hans Westerbeek wrote:
>
>> Hi all,
>>
>> I would like to get some feedback from you guys in coming up with an
>> approach to the following:
>>
>> I have an application for which I would like users to be able to login
>> through 2 possibilities:
>> -1. through a regular login, fully handled by spring-security-core
>> -2. through facebook connect.
>>
>> At this point, I have option 1 available. The rest of my application
>> code relies heavily on Spring Security for authorization.
>>
>> So I need to add option 2 and let it fit in nicely to the existing codebase.
>>
>> Which steps should I take? Right now, I am thinking of developing a
>> grails plugin that extends spring security core to be able to handle
>> facebook logins. The spring-security-openid plugin could be a good
>> example. Furthermore, I should probably add some properties to my User
>> class to be able to store this user's facebook id. That way I can map
>> a Facebook User to my own domain's User.
>>
>> Does that make sense?
>>
>> Regards,
>> Hans
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

scryan
I totally agree and would welcome working with others to get a great offering.  I think the following is needed and may be two distinct plugins:

1. Federated login via Facebook, Google, OpenId Linked in,, Etc that can be used along side any of the security mechanisms (shiro , spring security) but not be integrated with them
2. Communication with Social media including Facebook, Linked In, google, slideshare, etc.  Some may be through dedicated APIS and other via OpenSocial and Spring Social.  If we come up with clean interfaces you can use the same capability and just switch between providers.  

The next step is to gather the participants and do a skype call or some sort of conference to define the need.   I can dedicate lots of time to help get this started as i am working on it currently.   We can decide if it should be two plugins or just one.  We should leverage code from existing plugins into the new plugin as well as the authors.  A number of plugins offer this capability but they have become unsupported and we need a good solution that is supported by a number of developers.

Let me know your thoughts and everyone please chime in.


Scott Ryan
CTO
Soaring Eagle L.L.C.
[hidden email]
www.soaringeagleco.com




On Feb 25, 2011, at 8:02 AM, Hans Westerbeek wrote:

> Scott,
>
> For posting on walls you use the facebook graph API, correct? I have
> seen that for that purpose there's yet another grails plugin available
> :) https://github.com/chechu/grails-facebook-graph
>
> Anyway, I think we need to concert our efforts to come up with a
> high-quality (set of) plugins that is well maintained. Right now
> efforts seems scattered across the community...
>
> On Fri, Feb 25, 2011 at 3:42 PM, Scott Ryan <[hidden email]> wrote:
>> I have developed a standalone plugin for integrating with Facebook and google to support federated logins as well as posting on walls etc.  It works with both spring security and shiro but I have not seen much demand for is with nimble and other solutions out there.  I will look at making the github repo public and finishing it up for publication to the plugin repo. in the meantime I would love to work with anyone that has interest in this area.
>>
>> Scott Ryan
>>
>> On Feb 24, 2011, at 3:25 PM, Hans Westerbeek wrote:
>>
>>> Hi all,
>>>
>>> I would like to get some feedback from you guys in coming up with an
>>> approach to the following:
>>>
>>> I have an application for which I would like users to be able to login
>>> through 2 possibilities:
>>> -1. through a regular login, fully handled by spring-security-core
>>> -2. through facebook connect.
>>>
>>> At this point, I have option 1 available. The rest of my application
>>> code relies heavily on Spring Security for authorization.
>>>
>>> So I need to add option 2 and let it fit in nicely to the existing codebase.
>>>
>>> Which steps should I take? Right now, I am thinking of developing a
>>> grails plugin that extends spring security core to be able to handle
>>> facebook logins. The spring-security-openid plugin could be a good
>>> example. Furthermore, I should probably add some properties to my User
>>> class to be able to store this user's facebook id. That way I can map
>>> a Facebook User to my own domain's User.
>>>
>>> Does that make sense?
>>>
>>> Regards,
>>> Hans
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this list, please visit:
>>>
>>>    http://xircles.codehaus.org/manage_email
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

hanswesterbeek
Hi Scott,

Great to find out that there's quite a few people in this boat :)

I also have the time & need to work on this now.

I have looked at Spring Social and at this moment they are at early
stages. They've also made Spring Social dependent of Spring 3.1 but
are considering to move that back to 3.0, which would be great news
for us Grails users. If we can use Spring Social as a basis for our
plugin(s) it will save us a lot of work.

I agree with you that there are two distinct functional areas:
federated login and communication with the social platforms. So to me,
that seems to point into the direction of having two seperate plugins:
one for authentication and one for communication

Can you elaborate on what you meant by "but not be integrated with
them", referring to integrating with Spring Security / shiro?

I also would like to participate in some sort of conference where we
define the needs.

Hans


On Fri, Feb 25, 2011 at 4:14 PM, Scott Ryan <[hidden email]> wrote:

> I totally agree and would welcome working with others to get a great offering.  I think the following is needed and may be two distinct plugins:
>
> 1. Federated login via Facebook, Google, OpenId Linked in,, Etc that can be used along side any of the security mechanisms (shiro , spring security) but not be integrated with them
> 2. Communication with Social media including Facebook, Linked In, google, slideshare, etc.  Some may be through dedicated APIS and other via OpenSocial and Spring Social.  If we come up with clean interfaces you can use the same capability and just switch between providers.
>
> The next step is to gather the participants and do a skype call or some sort of conference to define the need.   I can dedicate lots of time to help get this started as i am working on it currently.   We can decide if it should be two plugins or just one.  We should leverage code from existing plugins into the new plugin as well as the authors.  A number of plugins offer this capability but they have become unsupported and we need a good solution that is supported by a number of developers.
>
> Let me know your thoughts and everyone please chime in.
>
>
> Scott Ryan
> CTO
> Soaring Eagle L.L.C.
> [hidden email]
> www.soaringeagleco.com
>
>
>
>
> On Feb 25, 2011, at 8:02 AM, Hans Westerbeek wrote:
>
>> Scott,
>>
>> For posting on walls you use the facebook graph API, correct? I have
>> seen that for that purpose there's yet another grails plugin available
>> :) https://github.com/chechu/grails-facebook-graph
>>
>> Anyway, I think we need to concert our efforts to come up with a
>> high-quality (set of) plugins that is well maintained. Right now
>> efforts seems scattered across the community...
>>
>> On Fri, Feb 25, 2011 at 3:42 PM, Scott Ryan <[hidden email]> wrote:
>>> I have developed a standalone plugin for integrating with Facebook and google to support federated logins as well as posting on walls etc.  It works with both spring security and shiro but I have not seen much demand for is with nimble and other solutions out there.  I will look at making the github repo public and finishing it up for publication to the plugin repo. in the meantime I would love to work with anyone that has interest in this area.
>>>
>>> Scott Ryan
>>>
>>> On Feb 24, 2011, at 3:25 PM, Hans Westerbeek wrote:
>>>
>>>> Hi all,
>>>>
>>>> I would like to get some feedback from you guys in coming up with an
>>>> approach to the following:
>>>>
>>>> I have an application for which I would like users to be able to login
>>>> through 2 possibilities:
>>>> -1. through a regular login, fully handled by spring-security-core
>>>> -2. through facebook connect.
>>>>
>>>> At this point, I have option 1 available. The rest of my application
>>>> code relies heavily on Spring Security for authorization.
>>>>
>>>> So I need to add option 2 and let it fit in nicely to the existing codebase.
>>>>
>>>> Which steps should I take? Right now, I am thinking of developing a
>>>> grails plugin that extends spring security core to be able to handle
>>>> facebook logins. The spring-security-openid plugin could be a good
>>>> example. Furthermore, I should probably add some properties to my User
>>>> class to be able to store this user's facebook id. That way I can map
>>>> a Facebook User to my own domain's User.
>>>>
>>>> Does that make sense?
>>>>
>>>> Regards,
>>>> Hans
>>>>
>>>> ---------------------------------------------------------------------
>>>> To unsubscribe from this list, please visit:
>>>>
>>>>    http://xircles.codehaus.org/manage_email
>>>>
>>>>
>>>
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this list, please visit:
>>>
>>>    http://xircles.codehaus.org/manage_email
>>>
>>>
>>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>
>

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

scryan
In reply to this post by hanswesterbeek
You could allow the user to configure the package and class name of the user object/table.  If the object has the username and password they could configure those locations as well as the encoding method for the password.  The plugin could offer a service and set of tags and controller to integrate with the shiro or spring security system.  The service would allow the user to call for validation and the plugin could handle the work flow.   We need to allow for CSS configuration etc but it should be fairly easy to integrate.

Scott Ryan

On Feb 25, 2011, at 8:02 AM, Hans Westerbeek wrote:

> Scott,
>
> For posting on walls you use the facebook graph API, correct? I have
> seen that for that purpose there's yet another grails plugin available
> :) https://github.com/chechu/grails-facebook-graph
>
> Anyway, I think we need to concert our efforts to come up with a
> high-quality (set of) plugins that is well maintained. Right now
> efforts seems scattered across the community...
>
> On Fri, Feb 25, 2011 at 3:42 PM, Scott Ryan <[hidden email]> wrote:
>> I have developed a standalone plugin for integrating with Facebook and google to support federated logins as well as posting on walls etc.  It works with both spring security and shiro but I have not seen much demand for is with nimble and other solutions out there.  I will look at making the github repo public and finishing it up for publication to the plugin repo. in the meantime I would love to work with anyone that has interest in this area.
>>
>> Scott Ryan
>>
>> On Feb 24, 2011, at 3:25 PM, Hans Westerbeek wrote:
>>
>>> Hi all,
>>>
>>> I would like to get some feedback from you guys in coming up with an
>>> approach to the following:
>>>
>>> I have an application for which I would like users to be able to login
>>> through 2 possibilities:
>>> -1. through a regular login, fully handled by spring-security-core
>>> -2. through facebook connect.
>>>
>>> At this point, I have option 1 available. The rest of my application
>>> code relies heavily on Spring Security for authorization.
>>>
>>> So I need to add option 2 and let it fit in nicely to the existing codebase.
>>>
>>> Which steps should I take? Right now, I am thinking of developing a
>>> grails plugin that extends spring security core to be able to handle
>>> facebook logins. The spring-security-openid plugin could be a good
>>> example. Furthermore, I should probably add some properties to my User
>>> class to be able to store this user's facebook id. That way I can map
>>> a Facebook User to my own domain's User.
>>>
>>> Does that make sense?
>>>
>>> Regards,
>>> Hans
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe from this list, please visit:
>>>
>>>    http://xircles.codehaus.org/manage_email
>>>
>>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe from this list, please visit:
>>
>>    http://xircles.codehaus.org/manage_email
>>
>>
>>
>
> ---------------------------------------------------------------------
> To unsubscribe from this list, please visit:
>
>    http://xircles.codehaus.org/manage_email
>
>


---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

hanswesterbeek
Scott,

I have had some success with Patrick Schmidt's
grails-spring-security-facebook plugin, that he posted about earlier
in this thread:
https://github.com/pinut/grails-spring-security-facebook

I'm taking a look at that first.

Regards,
Hans

---------------------------------------------------------------------
To unsubscribe from this list, please visit:

    http://xircles.codehaus.org/manage_email


Reply | Threaded
Open this post in threaded view
|

Re: ideas for using facebook connect with the spring security plugin

Lim Chee Kin
Hi Hans,

Any success using the grails-spring-security-facebook plugin?  I am new to facebook API and trying to understand the plugin at the moment, it was challenging to me given the documentation is short. It will be great if you can publish a working sample app using the plugin.

Thanks in advance.

Best regards,
Chee Kin