I completed the setup of a small application that use Spring Security to perform an OpenID authentication. The application integrates also SpringSecurity and Wicket Security. Follows some details.
The demo conatains two different solutions, one uses the spring namespace, the other configures explicilty Spring security filters and providers.
The main issue to solve is how store the OpenID attributes returned from the OpenID provider to the Sprin UserDetails object.
Spring Security Name Space OpenID Setup
Through the element <openid-login/> Spring auto-configures an OpenIDAuthenticationFilter and an OpenIDAuthenticationProvider. The element <attribute-exchange/> contains all the OpenId attribute element to ask to the provider.
<security:anonymous enabled="false" />
<security:openid -login authentication-success-handler-ref="authenticationSuccessHandler" login-page="/login" authentication-failure-url="/?login_error=true" >
<security:openid -attribute name="email" type="http://schema.openid.net/contact/email" required="true" />
<security:openid -attribute name="firstName" type="http://axschema.org/namePerson/first" required="true" />
<security:openid -attribute name="lastName" type="http://axschema.org/namePerson/last" required="true" />
<security:openid -attribute name="language" type="http://axschema.org/pref/language" required="true" />
<security:remember -me key="alessandro-vincelli-openid" />
To be continue…
YouEat 1.4 is released and available on www.youeat.org.
- Added security on REST YouEat Services
- Improved REST interface
- Improvements on RistorantePositionService, now the distance is calculated using the Hibernate API
- upgraded to Spring 3.0.3
- upgraded to jackson 1.5.4
YouEat is an open source application. You can check the code at http://code.google.com/p/youeat/.
YouEat is a Java application built only with open-source software:
- Apache Wicket, for the web interface
- Spring Framework is the glue for all the components
- Hibernate is the JPA implementation
- Apache Lucene to implement the internal search engine
- Apache Maven is the dev manager
- JUnit is test suite
- PostgreSQL is the database engine
My idea is create an easy to read application… therefore any feedback is well accepted
I changed a lot on the core of jackwicket.
Pricincipally I moved from the jcr-spring-modules to the new org.springframework.se-jcr.
I also removed the DAO infrastucre and I simplified the implemetation of the service layer. To rebuild the Service Layer I used basically the JcrMappingTemplate, but in order to have a Generic interface I extended this class with JcrMappingTemplateGeneric that offers a type safe implementation of the super class.
You can find some samples in the implementation of the service layer in JackWicket.
Continuous integration (not available)
Code Quality(not available)
Thanks Salvo for the technical advice
Segnalo questo interessante articolo che offre una soluzione sulla configurazione del path dei file di log in Log4j.