Menu
I'm using Spring Security 3.0.x and I'd like my users to authenticate using OpenId and Facebook. Currently I've got the OpenId-part working, but I'm confused about how users can login with Facebook. I've read about the OAuth for Spring security, but as fas as I undestand, it is only good for accessing resources. The example applications authenticate with username and password.
So my question is, how do I authenticate users with Facebook using Spring security?
549
Simply put, Spring Security hold the principal information of each authenticated user in a ThreadLocal – represented as an Authentication object. In order to construct and set this Authentication object – we need to use the same approach Spring Security typically uses to build the object on a standard authentication.
The Spring Security OAuth project has reached end of life and is no longer actively maintained by VMware, Inc. This project has been replaced by the OAuth2 support provided by Spring Security and Spring Authorization Server.
Facebook is ditching its proprietary Facebook Connect system, which lets people use their Facebook username and password to log in to other sites around the web. In its place, the company will implement OAuth 2.0, an open source (and soon to be IETF standard) protocol for user authentication.
Spring Security doesn't address this (as of yet). Check out Spring Social which is designed to connect your app to Facebook, Twitter, etc. Also check out this blog post, where they have integrated Spring Social and Spring Security.
65
I have created a new project called spring-security-social for Facebook, which provides an authentication filter based on spring-security-oauth. As opposed to spring-security-facebook, it is actively maintained by acoveo software development and builts upon the new spring-security-oauth release.
31
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
