shiro-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Kalle Korhonen <kalle.o.korho...@gmail.com>
Subject Re: Implementing Facebook Login
Date Tue, 29 Nov 2011 04:05:59 GMT
I thought the approach sounded familiar :) I never intended to make my
facebook integration
(http://tynamo.org/tynamo-federatedaccounts+guide) generic to all
servlet environments since you soon get to a point where you'd like to
customize the flow and the layouts with your ui framework of choice,
but to me that flow is the only one that makes sense with Oauth(2) -
although then again, I'm strongly biased. It'd be interesting to
collaborate on the federated account interfaces, perhaps to generalize
the common parts to yet another library. In the Tynamo trunk, we've
refactored the core to support multiple Oauth providers using the same
base interfaces. With Oauth, OpenID etc. you'll quickly get to the
point where authorization isn't quite enough, but you need to use
provider-specific libraries.

Kalle


On Mon, Nov 28, 2011 at 6:24 AM, Mike_Warren <mr.mike.warren@gmail.com> wrote:
> I'm just getting to grips with Shiro (which I have to say has been very nice
> and intuitive nice use so far), and also now trying to use Facebook / OAuth
> as a login mechanism.
>
> I have read of other discussion around this area,
> http://shiro-user.582556.n2.nabble.com/Advice-on-Shira-with-FB-Connect-Session-Clustering-Efficiency-td6832777.htm
> but as it covers other questions I thought I'd post a new topic.
>
> Basically I've got Facebook login working but not sure if my approach is
> correct.
>
> I've implemented a new Facebook realm, with associated Credentials matcher
> and token, see link below for a blog post with more details. I've decided
> that my credentials matcher doesn't actually need to do anything because by
> the time it is called upon Facebook has already done the job of gathering
> credentials and checking them. I've also ended up with a FacebookToken class
> which holds a code for use in calls to facebook, but which just returns null
> for getPrincipal and getCredentials as when it comes to authentication I
> consider Facebook to be responsible for determining the Principal and
> getting credentials. Does this sound right to anyone with more experience in
> this area ?
>
> Anyway, any thoughts on this appreciated, or if there's anyone else who's
> already done this I'd be more than happy to not be reinventing the wheel.
>
> Blog posts of what I've done so far.
> http://mrdwnotes.wordpress.com/2011/11/28/using-apache-shiro-security-to-allow-login-via-facebook-part-1/
>
> http://mrdwnotes.wordpress.com/2011/11/28/using-apache-shiro-security-to-allow-login-via-facebook-part-2/
>
> thanks Mike
>
>
> --
> View this message in context: http://shiro-user.582556.n2.nabble.com/Implementing-Facebook-Login-tp7038905p7038905.html
> Sent from the Shiro User mailing list archive at Nabble.com.
>

Mime
View raw message