Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

This describes the design ideas for the next generation of the login service stuff.

Base interface DomainPasswordLoginService

The base interface only provides a login verification API, without any HTTP session handling.

The page describes The Java interface is org.clazzes.util.sec.DomainPasswordLoginService from https://svn.clazzes.org/svn/util/trunk/clazzes-util/src/main/java/org/clazzes/util/sec/DomainPasswordLoginService.javaWe plan the following implmentations now

DomainPasswordLoginService Implementations

Current implementations

The following implementations are available:

We will create a new svn repository "login".

For testing:

For testing them there is a testpad webapp using org.clazzes.login

...

Future ideas for implementations:

...

.adapter.http, see there.

Maven and Subversion repository

All implementations have the new maven groupIdorg.clazzes.login, and a new svn repository: https://svn.clazzes.org/svn/login.

Authentication against external Authentication Providers

  • OAuth2/OpenID Connect client: org.clazzes.login.openid (like provided by Wordpressoauth (authenticate against github, Google, Facebookmicrosoft cloud services,...).

OSGi wrapper HttpLoginServiceAdapter and Testpad

The OSGi side exists for the new login serivce approach consists of one small bundle, org.clazzes.login.adapter.http, that listens for providers of the DomainPasswordLoginService the DomainPasswordLoginService interface and exports them adapted as a HttpLoginService (see https://svn.clazzes.org/svn/util/trunk/http-util/src/main/java/org/clazzes/util/http/sec/HttpLoginService.java).Current LoginServices combining login API and HTTP session handling will become obsolete: gwt-jaas-login-service,gwt-ldap-login-service, gwt-http-login-service (httpsas HttpLoginService.

Token OTP Provider

For adding two-factor authentication support, the module org.clazzes.login.yubikey is provided, which has been 

DomainPasswordLoginService backend SDS

We are currently in the process of implementing a backend.

For now see http://svn.clazzes.org/svn/gwtsds/trunk/gwt-*-login-service).

Package for the wrapper: org.clazzes.login.adapter.http

OSGi-bundle/project name: http-login-adapter

URL of exported DomainPasswordLoginServices: /http-login/<login.mechanism>/login

 

  (SVN) and SDS (JIRA).