<html><head><meta http-equiv="Content-Type" content="text/html charset=utf-8"></head><body style="word-wrap: break-word; -webkit-nbsp-mode: space; -webkit-line-break: after-white-space;" class="">To be honest, I haven’t personally tested the example LDAP overlay in a while as I don’t have an LDAP server set up to run it against. As a consequence, it might be out of date. Have you tried changing “alias” to “id”?<div class=""><br class=""></div><div class=""> — Justin</div><div class=""><br class=""><div><blockquote type="cite" class=""><div class="">On Jun 6, 2017, at 5:08 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>> wrote:</div><br class="Apple-interchange-newline"><div class=""><div class="WordSection1" style="page: WordSection1; font-family: Helvetica; font-size: 12px; font-style: normal; font-variant-caps: normal; font-weight: normal; letter-spacing: normal; text-align: start; text-indent: 0px; text-transform: none; white-space: normal; word-spacing: 0px; -webkit-text-stroke-width: 0px; background-color: rgb(255, 255, 255);"><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Well, is the LDAP overlay working? That one seems to be using “alias” instead of “id”.<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz<o:p class=""></o:p></span></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""><o:p class=""> </o:p></span></div><div style="border-style: solid none none; border-top-width: 1pt; border-top-color: rgb(181, 196, 223); padding: 3pt 0in 0in;" class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><b class=""><span style="font-family: Calibri;" class="">From:<span class="Apple-converted-space"> </span></span></b><span style="font-family: Calibri;" class="">Justin Richer <<a href="mailto:jricher@mit.edu" class="">jricher@mit.edu</a>><br class=""><b class="">Date:<span class="Apple-converted-space"> </span></b>Tuesday, June 6, 2017 at 3:34 PM<br class=""><b class="">To:<span class="Apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu" class="">luiz.omori@duke.edu</a>><br class=""><b class="">Cc:<span class="Apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>" <<a href="mailto:mitreid-connect@mit.edu" class="">mitreid-connect@mit.edu</a>><br class=""><b class="">Subject:<span class="Apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider<o:p class=""></o:p></span></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class="">The new version does upgrade the version of Spring Security and there were a few changes that were required in that upgrade. For one, if you’ve got your auth manager in with “alias” instead of “id”, it can fail in weird ways. Also note that the field names for username and password, as well as the username/password filter, have all changed by default. The other issues had to do with the default session and CSRF behavior in the new version of spring, but that shouldn’t affect the initial login.<span class="Apple-converted-space"> </span><o:p class=""></o:p></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""> — Justin<o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div><div class=""><blockquote style="margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class="">On Jun 6, 2017, at 1:40 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class="">luiz.omori@duke.edu</a>> wrote:<o:p class=""></o:p></div></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Thanks. I took a look and my configuration is very similar. Maybe my problem is elsewhere. The login page shows up but it always fails even with proper username and password (obviously as the authentication provider is not being called). Nothing in the logs at info level and couldn’t find anything useful in debug. Interesting that when I try using a previous MitreID 1.2.x that we have it works. Maybe something new with 1.3.x?</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz</span><o:p class=""></o:p></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div><div style="border-style: solid none none; border-top-width: 1pt; border-top-color: rgb(181, 196, 223); padding: 3pt 0in 0in;" class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><b class=""><span style="font-family: Calibri;" class="">From:<span class="apple-converted-space"> </span></span></b><span style="font-family: Calibri;" class="">Justin Richer <<a href="mailto:jricher@mit.edu" style="color: purple; text-decoration: underline;" class="">jricher@mit.edu</a>><br class=""><b class="">Date:<span class="apple-converted-space"> </span></b>Monday, June 5, 2017 at 4:33 PM<br class=""><b class="">To:<span class="apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class="">luiz.omori@duke.edu</a>><br class=""><b class="">Cc:<span class="apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class="">mitreid-connect@mit.edu</a>" <<a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class="">mitreid-connect@mit.edu</a>><br class=""><b class="">Subject:<span class="apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">MIT has a server that uses a stack of different providers for different authentication methods:<o:p class=""></o:p></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_MIT-2DCSAIL-2DTIG_oidc.csail.mit.edu_blob_master_oidc-2Dmit-2Doverlay_src_main_webapp_WEB-2DINF_user-2Dcontext.xml&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=a1JjBG13ol3etHvwxtoo2rb1WmqLl1K_VzeVGICxQHY&e=" style="color: purple; text-decoration: underline;" class=""><span style="color: purple;" class="">https://github.com/MIT-CSAIL-TIG/oidc.csail.mit.edu/blob/master/oidc-mit-overlay/src/main/webapp/WEB-INF/user-context.xml</span></a><o:p class=""></o:p></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> — Justin<o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div><div class=""><blockquote style="margin-top: 5pt; margin-bottom: 5pt;" class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class="">On Jun 5, 2017, at 1:35 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu" style="color: purple; text-decoration: underline;" class="">luiz.omori@duke.edu</a>> wrote:<o:p class=""></o:p></div></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div><div class=""><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Hi,</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">We need to be able to authenticate an user using a third party application web service that does the password check and sends back the user details. For that I’ve been trying to implement a custom authentication provider but so far couldn’t make it to work. The constructor is called but neither supports nor authenticate methods are. Using an overlay project for that, overriding user-context.xml with the security:authentication-provider setting pointing to our custom provider. As far as I can see, our project is very similar to the LDAP overlay.</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Has anybody tried this? If yes, would you mind sending me a skeleton project?</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class=""> </span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Regards,</span><o:p class=""></o:p></div></div></div><div class=""><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 11pt; font-family: Calibri;" class="">Luiz</span><o:p class=""></o:p></div></div></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""><span style="font-size: 9pt; font-family: Helvetica; background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">_______________________________________________</span><span style="font-size: 9pt; font-family: Helvetica;" class=""><br class=""><span style="background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">mitreid-connect mailing list</span><br class=""></span><a href="mailto:mitreid-connect@mit.edu" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Helvetica; color: rgb(149, 79, 114); background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">mitreid-connect@mit.edu</span></a><span style="font-size: 9pt; font-family: Helvetica;" class=""><br class=""></span><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_mitreid-2Dconnect&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=He3Mte3oSlW53K3UO9iF0wpf8-VnYsIjpOQFXpbUPFQ&e=" style="color: purple; text-decoration: underline;" class=""><span style="font-size: 9pt; font-family: Helvetica; color: rgb(149, 79, 114); background-color: white; background-position: initial initial; background-repeat: initial initial;" class="">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</span></a><o:p class=""></o:p></div></div></div></blockquote></div><div class=""><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman'; background-color: white;" class=""> <o:p class=""></o:p></div></div></div></div></div></blockquote></div><div style="margin: 0in 0in 0.0001pt; font-size: 12pt; font-family: 'Times New Roman';" class=""><o:p class=""> </o:p></div></div></div></div></blockquote></div><br class=""></div></body></html>