WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn...
-
Upload
winfred-junior-cameron -
Category
Documents
-
view
218 -
download
3
Transcript of WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn...
![Page 1: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/1.jpg)
WAM and the Java Stack
![Page 2: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/2.jpg)
Disclaimer
• This is a training NOT a presentation.– Be prepared to learn and participate in labs
• Please ask questions• Prerequisites:
– Basic Java knowledge– Basic Spring knowledge– LDS Account Integration Training – Part 1
![Page 3: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/3.jpg)
Outline
• WAM (Web Access Management)• WAM integration w/o Spring Security• WAM integration w/ Spring Security
![Page 4: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/4.jpg)
WAM (Web Access Management)
![Page 5: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/5.jpg)
What is WAM?
• WAM stands for Web Access Management• Authentication
– Authentication management– Single Sign-on
• Authorization– Url (course-grained)– Entitlements (fine-grained)
• http://en.wikipedia.org/wiki/Web_Access_Management
![Page 6: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/6.jpg)
Architectural Overview of WAM
• Authentication status triggering request parameters• ?signmein• ?signmeout
![Page 7: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/7.jpg)
Injected Headers
• WAM injected headers:– https://tech.lds.org/wiki/SSO_Injected_Headers
• How the headers map with LDS Account (LDAP) attributes:– https://ldsteams.ldschurch.org/sites/wam/
Implementation%20Details/HTTP%20Headers.aspx• Required headers
– policy-ldsaccountid– policy-cn
![Page 8: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/8.jpg)
Wamulator
• For complete documentation:– http://tech.lds.org/wiki/WAMulator
• WAM Maven plugin provided to start/stop the wamulator– Run within LdsTech IDE
• Right click on Alm module and select Run As -> Run WAM Emulator
– Command line (from within the Alm module)• mvn stack-wam:run
![Page 9: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/9.jpg)
Demo
![Page 10: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/10.jpg)
Stack / WAM integration w/o Spring Security
• https://code.lds.org/maven-sites/stack/module.html?module=lds-account/stack-lds-account-wam/index.html
<filter> <filter-name>wamContextFilter</filter-name> <filter-class>org.lds.stack.wam.filter.WamContextFilter</filter-class> </filter>
<filter-mapping> <filter-name>wamContextFilter</filter-name> <url-pattern>/*</url-pattern> </filter-mapping>
![Page 11: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/11.jpg)
WamContext
• Accessed with:
• WamContexts consists of 3 main parts:– LdsAccountDetails object
– WamRequestProvider
– EntitlementService
WamContextHolder.getWamContext();
WamContextHolder.getWamContext().getLdsAccountDetails().getPreferredName();
WamContextHolder.getWamContext().getWamRequestProvider ().getCookieHeader();
WamContextHolder.getWamContext().getEntitlementService()….
![Page 12: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/12.jpg)
Demo
![Page 13: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/13.jpg)
Lab 1
https://tech.lds.org/wiki/WAM_Integration_-_Part_1#Lab_1
![Page 14: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/14.jpg)
WAM and Spring Security
![Page 15: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/15.jpg)
Why WAM and Spring Security?
• Spring Security provides– Full featured authorization system– Abstraction to authentication and authorization– Allows for complex fallback authentication systems– Facilitates proxy support
![Page 16: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/16.jpg)
WAM Spring Security Integration
• WAM Authentication Provider<lds-account:wam> <lds-account:intercept-url access="hasRole('ROLE_ADMIN')" pattern="/secure/**" /> <lds-account:intercept-url access="isAuthenticated()" pattern="**" /> <lds-account:access-denied-handler error-page="/errors/accessDenied" /> <lds-account:logout /></lds-account:wam>
<sec:authentication-manager> <sec:authentication-provider ref="ldsAccountAuthenticationProvider" /></sec:authentication-manager>
![Page 17: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/17.jpg)
Demo
![Page 18: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/18.jpg)
Spring Security and WAM authorization
• Spring provides programming tools– Full featured EL capabilities– Convenient annotations– Management central to the application
![Page 19: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/19.jpg)
Spring Security EntryPoint
• Simplifies WAM configuration / management• Utilizes WAM for authentication
– User details injected if authenticated• Allows course grained authorization to be
managed within the application
![Page 20: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/20.jpg)
Spring Integration
![Page 21: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/21.jpg)
Demo
![Page 22: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/22.jpg)
Lab 2
https://tech.lds.org/wiki/WAM_Integration_-_Part_1#Lab_2
![Page 23: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/23.jpg)
Conclusion
• The Stack provides full featured integration with WAM– With or without Spring Security
• Facilitate authorization in WAM, but has been made easy with Spring Security
![Page 24: WAM and the Java Stack. Disclaimer This is a training NOT a presentation. – Be prepared to learn and participate in labs Please ask questions Prerequisites:](https://reader035.fdocuments.net/reader035/viewer/2022062423/5697bfc81a28abf838ca882d/html5/thumbnails/24.jpg)
Credit Where Credit is Due
• http:// http://static.springsource.org/spring-security/site/docs/3.1.x/reference/springsecurity-single.html
• http://en.wikipedia.org/wiki/