<html xmlns:o="urn:schemas-microsoft-com:office:office" xmlns:w="urn:schemas-microsoft-com:office:word" xmlns:m="http://schemas.microsoft.com/office/2004/12/omml" xmlns="http://www.w3.org/TR/REC-html40">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8">
<meta name="Title" content="">
<meta name="Keywords" content="">
<meta name="Generator" content="Microsoft Word 15 (filtered medium)">
<style><!--
/* Font Definitions */
@font-face
{font-family:"Cambria Math";
panose-1:2 4 5 3 5 4 6 3 2 4;}
@font-face
{font-family:Calibri;
panose-1:2 15 5 2 2 2 4 3 2 4;}
/* Style Definitions */
p.MsoNormal, li.MsoNormal, div.MsoNormal
{margin:0in;
margin-bottom:.0001pt;
font-size:12.0pt;
font-family:"Times New Roman";}
a:link, span.MsoHyperlink
{mso-style-priority:99;
color:blue;
text-decoration:underline;}
a:visited, span.MsoHyperlinkFollowed
{mso-style-priority:99;
color:purple;
text-decoration:underline;}
span.apple-converted-space
{mso-style-name:apple-converted-space;}
span.EmailStyle18
{mso-style-type:personal-reply;
font-family:Calibri;
color:windowtext;}
span.msoIns
{mso-style-type:export-only;
mso-style-name:"";
text-decoration:underline;
color:teal;}
.MsoChpDefault
{mso-style-type:export-only;
font-size:10.0pt;}
@page WordSection1
{size:8.5in 11.0in;
margin:1.0in 1.0in 1.0in 1.0in;}
div.WordSection1
{page:WordSection1;}
--></style>
</head>
<body bgcolor="white" lang="EN-US" link="blue" vlink="purple">
<div class="WordSection1">
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Well, is the LDAP overlay working? That one seems to be using “alias” instead of “id”.<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri"><o:p> </o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Regards,<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri">Luiz<o:p></o:p></span></p>
<p class="MsoNormal"><span style="font-size:11.0pt;font-family:Calibri"><o:p> </o:p></span></p>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<p class="MsoNormal"><b><span style="font-family:Calibri;color:black">From: </span>
</b><span style="font-family:Calibri;color:black">Justin Richer <jricher@mit.edu><br>
<b>Date: </b>Tuesday, June 6, 2017 at 3:34 PM<br>
<b>To: </b>Luiz Omori <luiz.omori@duke.edu><br>
<b>Cc: </b>"mitreid-connect@mit.edu" <mitreid-connect@mit.edu><br>
<b>Subject: </b>Re: [mitreid-connect] Custom AuthenticationProvider<o:p></o:p></span></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<p class="MsoNormal">The new version does upgrade the version of Spring Security and there were a few changes that were required in that upgrade. For one, if you’ve got your auth manager in with “alias” instead of “id”, it can fail in weird ways. Also note
that the field names for username and password, as well as the username/password filter, have all changed by default. The other issues had to do with the default session and CSRF behavior in the new version of spring, but that shouldn’t affect the initial
login. <o:p></o:p></p>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
<div>
<p class="MsoNormal"> — Justin<o:p></o:p></p>
</div>
<div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<p class="MsoNormal">On Jun 6, 2017, at 1:40 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu">luiz.omori@duke.edu</a>> wrote:<o:p></o:p></p>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Thanks. I took a look and my configuration is very similar. Maybe my problem is elsewhere. The login page shows up but it always fails even with proper username
and password (obviously as the authentication provider is not being called). Nothing in the logs at info level and couldn’t find anything useful in debug. Interesting that when I try using a previous MitreID 1.2.x that we have it works. Maybe something new
with 1.3.x?</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri"> </span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Regards,</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Luiz</span><o:p></o:p></p>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri"> </span><o:p></o:p></p>
</div>
<div style="border:none;border-top:solid #B5C4DF 1.0pt;padding:3.0pt 0in 0in 0in">
<div>
<p class="MsoNormal" style="background:white"><b><span style="font-family:Calibri">From:<span class="apple-converted-space"> </span></span></b><span style="font-family:Calibri">Justin Richer <<a href="mailto:jricher@mit.edu">jricher@mit.edu</a>><br>
<b>Date:<span class="apple-converted-space"> </span></b>Monday, June 5, 2017 at 4:33 PM<br>
<b>To:<span class="apple-converted-space"> </span></b>Luiz Omori <<a href="mailto:luiz.omori@duke.edu">luiz.omori@duke.edu</a>><br>
<b>Cc:<span class="apple-converted-space"> </span></b>"<a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a>" <<a href="mailto:mitreid-connect@mit.edu">mitreid-connect@mit.edu</a>><br>
<b>Subject:<span class="apple-converted-space"> </span></b>Re: [mitreid-connect] Custom AuthenticationProvider</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal" style="background:white">MIT has a server that uses a stack of different providers for different authentication methods:<o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><a href="https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_MIT-2DCSAIL-2DTIG_oidc.csail.mit.edu_blob_master_oidc-2Dmit-2Doverlay_src_main_webapp_WEB-2DINF_user-2Dcontext.xml&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=a1JjBG13ol3etHvwxtoo2rb1WmqLl1K_VzeVGICxQHY&e="><span style="color:purple">https://github.com/MIT-CSAIL-TIG/oidc.csail.mit.edu/blob/master/oidc-mit-overlay/src/main/webapp/WEB-INF/user-context.xml</span></a><o:p></o:p></p>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"> — Justin<o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
<div>
<blockquote style="margin-top:5.0pt;margin-bottom:5.0pt">
<div>
<div>
<p class="MsoNormal" style="background:white">On Jun 5, 2017, at 1:35 PM, Luiz Omori <<a href="mailto:luiz.omori@duke.edu">luiz.omori@duke.edu</a>> wrote:<o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
<div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Hi,</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri"> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">We need to be able to authenticate an user using a third party application web service that does the password check and sends back the user details. For that I’ve
been trying to implement a custom authentication provider but so far couldn’t make it to work. The constructor is called but neither supports nor authenticate methods are. Using an overlay project for that, overriding user-context.xml with the security:authentication-provider
setting pointing to our custom provider. As far as I can see, our project is very similar to the LDAP overlay.</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri"> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Has anybody tried this? If yes, would you mind sending me a skeleton project?</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri"> </span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Regards,</span><o:p></o:p></p>
</div>
</div>
<div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:11.0pt;font-family:Calibri">Luiz</span><o:p></o:p></p>
</div>
</div>
<div>
<p class="MsoNormal" style="background:white"><span style="font-size:9.0pt;font-family:Helvetica;background:white">_______________________________________________</span><span style="font-size:9.0pt;font-family:Helvetica"><br>
<span style="background:white">mitreid-connect mailing list</span><br>
</span><a href="mailto:mitreid-connect@mit.edu"><span style="font-size:9.0pt;font-family:Helvetica;color:#954F72;background:white">mitreid-connect@mit.edu</span></a><span style="font-size:9.0pt;font-family:Helvetica"><br>
</span><a href="https://urldefense.proofpoint.com/v2/url?u=http-3A__mailman.mit.edu_mailman_listinfo_mitreid-2Dconnect&d=DwMFaQ&c=imBPVzF25OnBgGmVOlcsiEgHoG1i6YHLR0Sj_gZ4adc&r=R6m41WT3w_KtulQAsSIxc_C2mwuKoWSycEMpss0QQJA&m=bX9mWylWGUk4aJmRHhF98--u7tYmMkrOqvqnMatSQb4&s=He3Mte3oSlW53K3UO9iF0wpf8-VnYsIjpOQFXpbUPFQ&e="><span style="font-size:9.0pt;font-family:Helvetica;color:#954F72;background:white">http://mailman.mit.edu/mailman/listinfo/mitreid-connect</span></a><o:p></o:p></p>
</div>
</div>
</blockquote>
</div>
<div>
<p class="MsoNormal" style="background:white"> <o:p></o:p></p>
</div>
</div>
</div>
</div>
</blockquote>
</div>
<p class="MsoNormal"><o:p> </o:p></p>
</div>
</div>
</body>
</html>