LDAP integration

classic Classic list List threaded Threaded
7 messages Options
Reply | Threaded
Open this post in threaded view
|

LDAP integration

duymap
Hi experts,

I am using tapestry for building my web application. So far, I used
username/password checking match in db for authentication and
authorization. Sure, password was hashed. But I would like to upgrade
security in my app by integrating LDAP into tapestry. I did some
researching and found 2 approaches: Apache Shiro and Spring Security.

If anyone has done with that, please give me some suggestion. Which one I
should choose ?

Many thanks,
Duy.
Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

Jay Ginete
There's tapestry-security from the tynamo guys.

http://tynamo.org/tapestry-security+guide

On Monday, 23 February, 2015 02:28 PM, Chung Khanh Duy wrote:

> Hi experts,
>
> I am using tapestry for building my web application. So far, I used
> username/password checking match in db for authentication and
> authorization. Sure, password was hashed. But I would like to upgrade
> security in my app by integrating LDAP into tapestry. I did some
> researching and found 2 approaches: Apache Shiro and Spring Security.
>
> If anyone has done with that, please give me some suggestion. Which one I
> should choose ?
>
> Many thanks,
> Duy.
>


---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

Thai Tran
It depends on the way you want to manage the account to login i guess. My  old project managed the user separately in our old database and used some libs like unbound ldap to connect with the ldap server. It is quite simple and straightforward http://stackoverflow.com/a/14452298/300359

Thai Tran

> On 23 Feb 2015, at 5:32 pm, Jay Ginete <[hidden email]> wrote:
>
> There's tapestry-security from the tynamo guys.
>
> http://tynamo.org/tapestry-security+guide
>
>> On Monday, 23 February, 2015 02:28 PM, Chung Khanh Duy wrote:
>> Hi experts,
>>
>> I am using tapestry for building my web application. So far, I used
>> username/password checking match in db for authentication and
>> authorization. Sure, password was hashed. But I would like to upgrade
>> security in my app by integrating LDAP into tapestry. I did some
>> researching and found 2 approaches: Apache Shiro and Spring Security.
>>
>> If anyone has done with that, please give me some suggestion. Which one I
>> should choose ?
>>
>> Many thanks,
>> Duy.
>>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

duymap
Thanks all. It's really helpful.

Duy.

On Mon, Feb 23, 2015 at 4:46 PM, Bubufff <[hidden email]> wrote:

> It depends on the way you want to manage the account to login i guess. My
> old project managed the user separately in our old database and used some
> libs like unbound ldap to connect with the ldap server. It is quite simple
> and straightforward http://stackoverflow.com/a/14452298/300359
>
> Thai Tran
>
> > On 23 Feb 2015, at 5:32 pm, Jay Ginete <[hidden email]> wrote:
> >
> > There's tapestry-security from the tynamo guys.
> >
> > http://tynamo.org/tapestry-security+guide
> >
> >> On Monday, 23 February, 2015 02:28 PM, Chung Khanh Duy wrote:
> >> Hi experts,
> >>
> >> I am using tapestry for building my web application. So far, I used
> >> username/password checking match in db for authentication and
> >> authorization. Sure, password was hashed. But I would like to upgrade
> >> security in my app by integrating LDAP into tapestry. I did some
> >> researching and found 2 approaches: Apache Shiro and Spring Security.
> >>
> >> If anyone has done with that, please give me some suggestion. Which one
> I
> >> should choose ?
> >>
> >> Many thanks,
> >> Duy.
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>


--
Chung Khánh Duy
Project Support Manager
Formos
Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

bobharner
In reply to this post by Thai Tran
If you are already using Spring heavily in your app then Spring Security is
a reasonable choice. Otherwise I recommend you follow Jay's advice ad use
the Tapestry-security module, which is a thin wrapper around Shiro. A lot
of Tapestry users have had great success with that choice, including me.

Regardless of the framework choice, you will still need to write the bit of
code that queries your LDAP directory. The Unbound LDAP mentioned by Tai is
a highly regarded library for that.
On Feb 23, 2015 4:46 AM, "Bubufff" <[hidden email]> wrote:

> It depends on the way you want to manage the account to login i guess. My
> old project managed the user separately in our old database and used some
> libs like unbound ldap to connect with the ldap server. It is quite simple
> and straightforward http://stackoverflow.com/a/14452298/300359
>
> Thai Tran
>
> > On 23 Feb 2015, at 5:32 pm, Jay Ginete <[hidden email]> wrote:
> >
> > There's tapestry-security from the tynamo guys.
> >
> > http://tynamo.org/tapestry-security+guide
> >
> >> On Monday, 23 February, 2015 02:28 PM, Chung Khanh Duy wrote:
> >> Hi experts,
> >>
> >> I am using tapestry for building my web application. So far, I used
> >> username/password checking match in db for authentication and
> >> authorization. Sure, password was hashed. But I would like to upgrade
> >> security in my app by integrating LDAP into tapestry. I did some
> >> researching and found 2 approaches: Apache Shiro and Spring Security.
> >>
> >> If anyone has done with that, please give me some suggestion. Which one
> I
> >> should choose ?
> >>
> >> Many thanks,
> >> Duy.
> >>
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [hidden email]
> > For additional commands, e-mail: [hidden email]
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>
Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

martijn.list
On 02/23/2015 12:50 PM, Bob Harner wrote:
> If you are already using Spring heavily in your app then Spring Security is
> a reasonable choice. Otherwise I recommend you follow Jay's advice ad use
> the Tapestry-security module, which is a thin wrapper around Shiro. A lot
> of Tapestry users have had great success with that choice, including me.
>
> Regardless of the framework choice, you will still need to write the bit of
> code that queries your LDAP directory. The Unbound LDAP mentioned by Tai is
> a highly regarded library for that.

No sure about Shiro (since I have no experience with that) but I know
from experience that with Spring security, you only need to configure a
different authentication provider (ldap-authentication-provider) to use
LDAP. Unless you need something non standard, there is no need to write
new code to use LDAP authentication with spring security.

See for example:

http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ldap.html

Kind regards,

Martijn Brinkers

--
CipherMail email encryption

Open source email encryption gateway with support for S/MIME, OpenPGP
and PDF messaging.

http://www.ciphermail.com

Twitter: http://twitter.com/CipherMail

---------------------------------------------------------------------
To unsubscribe, e-mail: [hidden email]
For additional commands, e-mail: [hidden email]

Reply | Threaded
Open this post in threaded view
|

Re: LDAP integration

duymap
Hi all,

Thanks all for your suggestion and comments, I really appreciate. It might
be 2 options in my mind:

1. Use tynamo security module that integrated LDAP & permission checking
with Shiro already

2. The second option could be flexible to combine authentication using LDAP
by using some libs to unbind & connect ldap server. Then use the user-table
for authorization ( permission checking).

Thanks so much guys.

Duy.

On Mon, Feb 23, 2015 at 7:07 PM, martijn.list <[hidden email]>
wrote:

> On 02/23/2015 12:50 PM, Bob Harner wrote:
> > If you are already using Spring heavily in your app then Spring Security
> is
> > a reasonable choice. Otherwise I recommend you follow Jay's advice ad use
> > the Tapestry-security module, which is a thin wrapper around Shiro. A lot
> > of Tapestry users have had great success with that choice, including me.
> >
> > Regardless of the framework choice, you will still need to write the bit
> of
> > code that queries your LDAP directory. The Unbound LDAP mentioned by Tai
> is
> > a highly regarded library for that.
>
> No sure about Shiro (since I have no experience with that) but I know
> from experience that with Spring security, you only need to configure a
> different authentication provider (ldap-authentication-provider) to use
> LDAP. Unless you need something non standard, there is no need to write
> new code to use LDAP authentication with spring security.
>
> See for example:
>
> http://docs.spring.io/spring-security/site/docs/3.0.x/reference/ldap.html
>
> Kind regards,
>
> Martijn Brinkers
>
> --
> CipherMail email encryption
>
> Open source email encryption gateway with support for S/MIME, OpenPGP
> and PDF messaging.
>
> http://www.ciphermail.com
>
> Twitter: http://twitter.com/CipherMail
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [hidden email]
> For additional commands, e-mail: [hidden email]
>
>


--
Chung Khánh Duy
Project Support Manager
Formos