[MAGNOLIA-198] implement JAAS Authentication Created: 19/Nov/04  Updated: 23/Jan/13  Resolved: 23/Aug/05

Status: Closed
Project: Magnolia
Component/s: core
Affects Version/s: 2.1 Final
Fix Version/s: 3.0 Beta 1

Type: Task Priority: Major
Reporter: Sameer Charles Assignee: Sameer Charles
Resolution: Fixed Votes: 1
Labels: None
Remaining Estimate: Not Specified
Time Spent: Not Specified
Original Estimate: Not Specified
Environment:

all


Attachments: File magnolia-jaas-login.jar    
Template:
Acceptance criteria:
Empty
Task DoR:
Empty
Date of First Response:

 Description   

Somehow missing code ? check CVS. Authenticator class is messed up its not a latest version.

Implement and test JAAS Login support



 Comments   
Comment by Sameer Charles [ 19/Nov/04 ]

Authenticating against contaner is fairly trivial but the big question is how to manage
magnolia specific roles/groups
we have to provide some kind of interface.??

for a start I propose simply extend Authentocator class such that it respests JAAS auth.
and provide a very simple LoginModule using existing "users" repository.

Comment by Sameer Charles [ 29/Nov/04 ]

We need as detailed a description as you can give us of :

How authentication works in the current system, both from a user
interface perspective and and from the server side. We've got a bit of
an idea of how it works at the moment but an explanation would be much
more helpful. We want to work on this full time for the next 3 days
and see if we can sort it all out. Curently we think the best thing to
do first is to add a new leaf under /server called customLoginModules.
Which contains the information needed to instantiate helpers for
querying the authentication model.

Comment by Sameer Charles [ 29/Nov/04 ]

check info.magnolia.cms.security.Authenticator class
its fairly basic repository authentication

1.
magnolia authenticates your session against JCR,

2.
once you are authenticated, info.magnolia.cms.security.SessionAccessControl updates your session with all ACL (gathered from your roles)

3.
magnolia (via access manager) updates repository session. rest is taken care by the JCR implementation.

I would propose configuration by which you could also define which Authenticator class magnolia would use.
but this we can always do it later.

attached loginModule (same as on wiki.magnolia.info, adapted to work with magnolia 2.0)

Comment by Sena Gbeckor-Kove [ 01/Feb/05 ]

I'm working on this at the moment what is the schedule for v 2.1.

Comment by Philipp Jurewicz [ 16/Mar/05 ]

Having JAAS is surely great, but is this bug realy a blocker as it is marked right now?

Comment by Sameer Charles [ 10/May/05 ]

evaluate work needed for this

Comment by Sameer Charles [ 10/May/05 ]

Sena
do you have any update on this, I will start evaluating this and implement after 2.1 release.
please let me know if you did something on this issue

Comment by Sameer Charles [ 26/May/05 ]

since no one came up with any objection or comments I will soon start work on this.
this wont be a part of magnolia 2.1 release so ll start a separate branch on svn and merge later

Comment by Sameer Charles [ 16/Aug/05 ]

commited first version of JAAS implementation on svn, this "wont" be a part of next release I am still working on it.

package info.magnolia.jaas
Basically you can plug-in any third party login module to authenticate and use
jcr login module for authorization, check jaas.conf to switch between loginModules, currently its configured to use JCRLoginModule

I am working on configurable LDAP login module for magnolia, will update soon

Comment by Sameer Charles [ 23/Aug/05 ]

follow http://jira.magnolia.info/browse/MAGNOLIA-531 for login modules

Generated at Mon Feb 12 03:15:03 CET 2024 using Jira 9.4.2#940002-sha1:46d1a51de284217efdcb32434eab47a99af2938b.