syncope-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Francesco Chicchiriccò <ilgro...@apache.org>
Subject Re: [DISCUSS] - Third party JWT SSO integration?
Date Tue, 27 Jun 2017 14:07:53 GMT
On 27/06/2017 16:05, Colm O hEigeartaigh wrote:
> Hi Francesco,
>
> On Tue, Jun 27, 2017 at 9:24 AM, Francesco Chicchiriccò <ilgrosso@apache.org>
wrote:
>
>> Instead of providing a map in securityContext.xml, I would rather enable
>> [1] to dynamically discover JwsSignatureVerifier implementations (or maybe
>> a new interface of ours extending that, adding a getIssuer() method).
>> Moreover, the new interface extending JwsSignatureVerifier could also
>> provide a method to resolve the JWT subject into Syncope username (known
>> user).
>> If you like, I can take care of this.
> +1 - please do!
>
>> Please also note that such SSO would work only at REST level; in order to
>> enable Admin Console or Enduser UI to that, something like the SAML 2.0 SP
>> Agent [2] will need to be provided.
> Yep that's fine.
>
>> As people started asking for 2.0.4 [3][4] and CXF 3.1.12 is under vote, I
>> think we should start finalizing, e.g. postponing new features and
>> improvements to 2.0.5. But maybe this one can still fit.
> No rush from my POV. Let's get it into JIRA anyway so that we can track it.

Agree: would you mind to do that? Thanks!

Regards.


> [1] https://github.com/apache/syncope/blob/2_0_X/core/logic/src/
> main/java/org/apache/syncope/core/logic/init/ClassPathScanI
> mplementationLookup.java
> [2] https://github.com/apache/syncope/blob/2_0_X/ext/saml2sp/
> agent/src/main/java/org/apache/syncope/ext/saml2lsp/
> agent/AssertionConsumer.java#L47
> [3] https://lists.apache.org/thread.html/d8a6f8fe3629d1d00165e24
> 61458511d8ace983af6006a5d304fa6a9@%3Cuser.syncope.apache.org%3E
> [4] https://lists.apache.org/thread.html/7d9072146f01994c8fb7f02
> c8af1f88e031345e391c06970a8fcf1ff@%3Cuser.syncope.apache.org%3E

-- 
Francesco Chicchiriccò

Tirasa - Open Source Excellence
http://www.tirasa.net/

Member at The Apache Software Foundation
Syncope, Cocoon, Olingo, CXF, OpenJPA, PonyMail
http://home.apache.org/~ilgrosso/


Mime
View raw message