1 / 24

WAM and the Java Stack

WAM and the Java Stack. Disclaimer. Please ask questions There are hands on labs Prerequisites: Basic Java knowledge Basic Spring knowledge LDS Account Integration Training – Part 1. Outline. WAM (Web Access Management) WAM integration w/o Spring Security

rasul
Download Presentation

WAM and the Java Stack

An Image/Link below is provided (as is) to download presentation Download Policy: Content on the Website is provided to you AS IS for your information and personal use and may not be sold / licensed / shared on other websites without getting consent from its author. Content is provided to you AS IS for your information and personal use only. Download presentation by click this link. While downloading, if for some reason you are not able to download a presentation, the publisher may have deleted the file from their server. During download, if you can't get a presentation, the file might be deleted by the publisher.

E N D

Presentation Transcript

  1. WAM and the Java Stack

  2. Disclaimer • Please ask questions • There are hands on labs • Prerequisites: • Basic Java knowledge • Basic Spring knowledge • LDS Account Integration Training – Part 1

  3. Outline • WAM (Web Access Management) • WAM integration w/o Spring Security • WAM integration w/ Spring Security

  4. WAM (Web Access Management)

  5. What is WAM? • WAM stands for Web Access Management • Authentication • Authentication management • Single Sign-on • Authorization • Url (course-grained) • Entitlements (fine-grained) • http://en.wikipedia.org/wiki/Web_Access_Management

  6. Architectural Overview of WAM • Authentication status triggering request parameters • ?signmein • ?signmeout

  7. Injected Headers • WAM injected headers: • https://tech.lds.org/wiki/SSO_Injected_Headers • How the headers map with LDS Account (LDAP) attributes: • https://ldsteams.ldschurch.org/sites/wam/Implementation%20Details/HTTP%20Headers.aspx • Required headers • policy-ldsaccountid • policy-cn

  8. Wamulator • For complete documentation: • http://tech.lds.org/wiki/WAMulator • WAM Maven plugin provided to start/stop the wamulator • Run within LdsTech IDE • Right click on Alm module and select Run As -> Run WAM Emulator • Command line (from within the Alm module) • mvn stack-wam:run

  9. Demo

  10. Stack / WAM integration w/o Spring Security • https://code.lds.org/maven-sites/stack/module.html?module=lds-account/stack-lds-account-wam/index.html <filter> <filter-name>wamContextFilter</filter-name> <filter-class>org.lds.stack.wam.filter.WamContextFilter</filter-class> </filter> <filter-mapping> <filter-name>wamContextFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>

  11. WamContext • Accessed with: • WamContexts consists of 3 main parts: • LdsAccountDetails object • WamRequestProvider • EntitlementService WamContextHolder.getWamContext(); WamContextHolder.getWamContext().getLdsAccountDetails().getPreferredName(); WamContextHolder.getWamContext().getWamRequestProvider ().getCookieHeader(); WamContextHolder.getWamContext().getEntitlementService()….

  12. Demo

  13. Lab 1 https://tech.lds.org/wiki/WAM_Integration_-_Part_1#Lab_1

  14. WAM and Spring Security

  15. Why WAM and Spring Security? • Spring Security provides • Full featured authorization system • Abstraction to authentication and authorization • Allows for complex fallback authentication systems • Facilitates proxy support

  16. WAM Spring Security Integration • WAM Authentication Provider <lds-account:wam> <lds-account:intercept-url access="hasRole('ROLE_ADMIN')" pattern="/secure/**" /> <lds-account:intercept-url access="isAuthenticated()" pattern="**" /> <lds-account:access-denied-handler error-page="/errors/accessDenied" /> <lds-account:logout/> </lds-account:wam> <sec:authentication-manager> <sec:authentication-provider ref="ldsAccountAuthenticationProvider" /> </sec:authentication-manager>

  17. Demo

  18. Spring Security and WAM authorization • Spring provides programming tools • Full featured EL capabilities • Convenient annotations • Management central to the application • Advantages to both WAM authorizations and Spring Security authorizations

  19. Spring Security EntryPoint • Simplifies WAM configuration / management • Utilizes WAM for authentication • User details injected if authenticated • Allows course grained authorization to be managed within the application

  20. Spring Integration

  21. Demo

  22. Lab 2 https://tech.lds.org/wiki/WAM_Integration_-_Part_1#Lab_2

  23. Conclusion • The Stack provides full featured integration with WAM • With or without Spring Security • Facilitate authorization in WAM, but has been made easy with Spring Security

  24. Credit Where Credit is Due • http:// http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html • http://en.wikipedia.org/wiki/

More Related