search

eurekaclinical / cas

Patched JASIG CAS server used for authentication by Eureka!
http://eurekaclinical.org
Apache License 2.0
2 stars 6 forks source link

allowing redirect option to OAuth login screen #11

Closed akalsan closed 8 years ago

akalsan commented 8 years ago

Although the property belongs more to cas.properties, i put it in the same place as the oauth provider key and secrets. Do you want to move all to cas.properties?

arpost commented 8 years ago

There are oauth provider keys and secrets in both cas.properties (for login) and application.properties (for registration). In this case, because we're talking about login, any additional properties belong in cas.properties.

Having said that, are you sure another property is needed? I recall there's a property for a comma-separated list of login types that require the username and password fields. If none are listed, in theory, the username and password fields may be omitted.

Also, your patch is missing a use case: no local or ldap login, but multiple oauth providers. In this case, you should show the oauth provider icons but omit the username and password fields.

akalsan commented 8 years ago

i see that CasProperties.java is not reading any values from cas.properties. It loads only application.properties. Variables like cas.auth.oauth.twitter.key and eureka.webapp.twitteroauthkey both are in application.properties. cas.properties values are only read in deployerConfigContext.xml. I can add additional variable to cas.properties and read that file in CasProperties.java.

I don't see any other property for a list of login types. the list of oauth providers is obtained from if the key and secret values are listed in the application.properties.

what is the property that tells me if there is no local or ldap login? i see a bunch of eureka.ldap.* properties in the cas.properties in cas-server project. is it one of them?

arpost commented 8 years ago

You are correct about CasProperties.java, but there is a cas.properties property for what you need. The property's name is eureka.authHandlers, and it's in cas.properties.

Andrew

On Fri, Aug 12, 2016 at 10:12 AM, Akshatha Pai notifications@github.com wrote:

i see that CasProperties.java is not reading any values from cas.properties. It loads only application.properties. Variables like cas.auth.oauth.twitter.key and eureka.webapp.twitteroauthkey both are in application.properties. cas.properties values are only read in deployerConfigContext.xml. I can add additional variable to cas.properties and read that file in CasProperties.java.

I don't see any other property for a list of login types. the list of oauth providers is obtained from if the key and secret values are listed in the application.properties.

what is the property that tells me if there is no local or ldap login? i see a bunch of eureka.ldap.* properties in the cas.properties in cas-server project. is it one of them?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/eurekaclinical/cas/pull/11#issuecomment-239457012, or mute the thread https://github.com/notifications/unsubscribe-auth/AEyxJzPkZc8_d2uFLOoEqNWdBGe3qHPIks5qfH9OgaJpZM4JiWsu .

akalsan commented 8 years ago

The value for that property is - eureka.authHandlers=jdbc is there an example of multiple values or have the list of comma separated values possible?

arpost commented 8 years ago

eureka.authHandlers=jdbc,ldap

On Fri, Aug 12, 2016 at 11:14 AM, Akshatha Pai notifications@github.com wrote:

The value for that property is - eureka.authHandlers=jdbc is there an example of multiple values or have the list of comma separated values possible?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/eurekaclinical/cas/pull/11#issuecomment-239473976, or mute the thread https://github.com/notifications/unsubscribe-auth/AEyxJ8wGznjpyIoeqbjAIcNAwUtePnfmks5qfI3cgaJpZM4JiWsu .

arpost commented 8 years ago

The idea is to set

eureka.authHandlers=

in order to turn off the username and password fields.

On Fri, Aug 12, 2016 at 11:26 AM, Andrew Post andrew.post55@gmail.com wrote:

eureka.authHandlers=jdbc,ldap

On Fri, Aug 12, 2016 at 11:14 AM, Akshatha Pai notifications@github.com wrote:

The value for that property is - eureka.authHandlers=jdbc is there an example of multiple values or have the list of comma separated values possible?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/eurekaclinical/cas/pull/11#issuecomment-239473976, or mute the thread https://github.com/notifications/unsubscribe-auth/AEyxJ8wGznjpyIoeqbjAIcNAwUtePnfmks5qfI3cgaJpZM4JiWsu .

akalsan commented 8 years ago

Thanks.

akalsan commented 8 years ago

This is how the login screen looks when the username and password is disabled.

screen shot 2016-08-12 at 2 38 00 pm

akalsan commented 8 years ago

eureka.authHandlers= The above configuration throws an error.(attached the stacktrace). I can take a look at it.
I tested the changes in this pull request by manipulating that variable in casproperties.java. error-authHandlers.txt

arpost commented 8 years ago

Take a look at the choose account type page in the user registration workflow. We should use the same larger OAuth icons on this page when the username and password fields are hidden.

Sent from my iPhone

On Aug 12, 2016, at 3:37 PM, Akshatha Pai notifications@github.com wrote:

This is how the login screen looks when the username and password is disabled.

— You are receiving this because you commented. Reply to this email directly, view it on GitHub, or mute the thread.