Announcement Announcement Module
Collapse
No announcement yet.
authentication between servers Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • authentication between servers

    Hi,
    I have a Spring Security setup on one server with a game on it, and a web site on another server that serves a PHP/MySQL web site. I need to authenticate users that request the game, using the user profiles of my web site. I have some elementary knowledge of authentication managers, providers, user service and authentication entry point. Googling did not help to find a tutorial in my skill level (still newbie with Spring Security).

    Is there any good tutorial/article or solution of the similar situation anyone could kindly point me to it please?

  • #2
    How do you want to authenticate the users? Is it just by connecting to the DB of the MySQL database with the java code or are you wanting something like Single Sign On? If you are wanting to get started with Spring Security I would start at the getting started page.

    Comment


    • #3
      Originally posted by rwinch View Post
      How do you want to authenticate the users? Is it just by connecting to the DB of the MySQL database with the java code or are you wanting something like Single Sign On? If you are wanting to get started with Spring Security I would start at the getting started page.
      Rwinch, thank you, I already passed the link and practiced with 'Petclinic'. I have a working Spring Secuirty on my game application, but it is based on hard coded credentials in xml file, which I learned from 'Petclinic'.

      Next I studied this great tutorial:
      GoogleAccountsAuthenticationEntryPoint

      but still can't fully understand which class to extend, so that my game application after getting the authentication token, turns to the MySQL database of my web site and authenticates against the user table (actually, a Joomla user table).

      From the tutorial of "" I learned that
      a) I have to implement AuthenticationEntryPoint
      b) make a filter: GenericFilterBean
      c) develope a custom Authentication Provider
      d) edit applicationContext-security.xml introduce auth. provider
      e) edit applicationContext.xml introduce auth. provider bean

      Still mystery:
      1. where to start from and what are the correct steps?
      2. where to get a hint how to make game application to auth. against Joomla user table (web site having MySQL DB)?

      I will not have 'single sign on' and I have to simply connect from java code to my Joomla database. Connecting is not a problem, I have a working application that based on Petclinic tutorial, authenticates the 'Admin' (username/password in xml file) and loads Joomla-users emails for him into Flex client, from Java code. The problem is to finally learn to implement custom-Authentication against a MySQL database on a different server :-)


      please help if possible.

      Comment


      • #4
        To authenticate Spring Security you will want to first try to use an existing AuthenticationProvider or UserDetailsService. Do you have an SQL query that you can obtain the username/password for the user? If so try looking at the jdbc-user-service element which creates a JdbcDaoImpl for your UserDetailsService. It allows you to specify the query for your user using jdbc-user-service/@users-by-username-query and for the roles for that user using jdbc-user-service/@authorities-by-username-query (must return at least one role). If that does not meet your needs you can write your own AuthenticationProvider or UserDetailsService. See the JdbcDaoImpl for the default queries.
        Last edited by Rob Winch; Jan 25th, 2011, 10:28 AM. Reason: added links

        Comment


        • #5
          Originally posted by rwinch View Post
          To authenticate Spring Security you will want to first try to use an existing AuthenticationProvider or UserDetailsService. Do you have an SQL query that you can obtain the username/password for the user?
          >Do you have an SQL query that you can obtain the username/password for the user?

          Yes I can put any query to MySQL DB I have, and if I understand you correct, you mean I have to implement the class "DriverManagerDataSource" as addressed in the link you gave (I copied from there in the code bellow), and put the actual SQL query there, right? I am confused about where exactly the query will be placed. Unfortunately I failed to find a single code example online that queries a MySQL DB :-(

          Code:
          <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
            <property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
            <property name="url" value="jdbc:hsqldb:hsql://localhost:9001"/>
            <property name="username" value="sa"/>
            <property name="password" value=""/>
          </bean>
          
          <bean id="userDetailsService" class="org.springframework.security.core.userdetails.jdbc.JdbcDaoImpl">
            <property name="dataSource" ref="dataSource"/>
          </bean>

          Comment


          • #6
            Try something like the following...

            Code:
            <sec:authentication-manager>
             <sec:authentication-provider>
              <sec:jdbc-user-service data-source-ref="dataSource"
               users-by-username-query="select username,password,enabled from users where username = ?" 
               authorities-by-username-query="select username,authority from authorities where username = ?"/>
             </sec:authentication-provider>
            </sec:authentication-manager>
            
            <bean id="dataSource" class="org.springframework.jdbc.datasource.DriverManagerDataSource">
              <property name="driverClassName" value="org.hsqldb.jdbcDriver"/>
              <property name="url" value="jdbc:hsqldb:hsql://localhost:9001"/>
              <property name="username" value="sa"/>
              <property name="password" value=""/>
            </bean>
            For details refer to the links I provided
            Last edited by Rob Winch; Jan 27th, 2011, 11:38 AM. Reason: changed to include the DataSource since this was not clear

            Comment


            • #7
              Rwinch, thank you for clear example, I now imagine it much better.

              One thing I can't understand here: where I have to put the address of my MySQL db?

              In a scenario, where there is no access to the DB server and I only can have a proxy that returns a JSON string, is it possible to map the user-service to a bean I implement, that will translate the JSON so that Spring Security could take advantage of?

              If such idea is possible, could you please give me a hint, how the same xml setup must be changed please?

              For my English sorry, non-native

              Comment


              • #8
                You can create a data source as you did in the sample you provided to specify the attributes to your database. Granted my sample was referring to securityDataSource and yours is being identified as dataSource, so you will need to change one or the other.

                Comment

                Working...
                X