Meaningless Drivel is fun!*
The moose likes Spring and the fly likes Spring 3 & openID integration Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Frameworks » Spring
Bookmark "Spring 3 & openID integration" Watch "Spring 3 & openID integration" New topic
Author

Spring 3 & openID integration

Kuladip Yadav
Ranch Hand

Joined: Jul 30, 2008
Posts: 162

Hi Peter,

Does the spring 3 security provide special API for openID authentication ?
Do you have separate chapter for this ?

I have used openID authentication using openid4java libraries.
But if spring 3 provides integration of openID authentication support then it's great

Any pointers/examples appreciated.

Thanks
Peter Mularien
Author
Ranch Hand

Joined: Sep 06, 2007
Posts: 84
Hello Kuldeep,

Thank you for the excellent question! Actually, we have an entire chapter devoted to the integration of Spring Security 3 and OpenID (you may not be aware that Spr Sec 3 uses openid4java behind the scenes, which is perfect for you!).

You may actually see this full OpenID chapter (although not formatted as nicely as the book ) on the Packt web site here: Opening up to OpenID with Spring Security. This should give you a taste of the level of technical detail that I've provided on all the subjects covered in the book.

Hope this answers your question!

Best,
Peter


Author, Spring Security 3 (the Book), Packt Publishing, 2010
SCJP, OCP
Kuladip Yadav
Ranch Hand

Joined: Jul 30, 2008
Posts: 162

Thanks for your reply.
And article link provided by you is very useful for openID implementation with spring security 3.

By the way, is it secure to use openID authentication for application ?
What do you think ?

Thanks
Peter Mularien
Author
Ranch Hand

Joined: Sep 06, 2007
Posts: 84
Provided that the OpenID provider can be trusted, yes, I think it's a secure solution. I would use a more controlled access approach for highly sensitive areas of the site (admin areas, etc), however

Best,
Peter
Kuladip Yadav
Ranch Hand

Joined: Jul 30, 2008
Posts: 162

yes, totally agree with you.
For more sensitive area it's better to avoid openID

thanks for your reply.
 
 
subject: Spring 3 & openID integration
 
Similar Threads
Spring Security 3: Active Directory Authentication with Kerberos
How to authenticate a user using open Id after logging in the system
Security - authorization without authentication
How do I specify Open ID Realm in spring security ?
OpenID integration in Spring