Re: Contact enquiry: Website enquiry: miltonio

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|

Re: Contact enquiry: Website enquiry: miltonio

bradmacnz

The popup box will always appear on first request, unless there is some security context sharing protocol that i dont know about. As far as i know, Microsoft webdav clients all implement challenge/response authentication, so there will always be a login popup box.

For an example just have a look at the standard implementations like BasicAuthHandler:

public class BasicAuthHandler implements AuthenticationHandler {

    private static final Logger log = LoggerFactory.getLogger( BasicAuthHandler.class );

    @Override
    public boolean credentialsPresent(Request request) {
        return request.getAuthorization() != null;
    }

   
   
    @Override
    public boolean supports( Resource r, Request request ) {
        Auth auth = request.getAuthorization();
        if( auth == null ) {
            log.trace("supports: no credentials provided");
            return false;
        }
        log.trace( "supports: {}", auth.getScheme() );
        boolean b    = auth.getScheme().equals( Scheme.BASIC );
        if( b ) {
            log.trace("supports: is BASIC auth scheme, supports = true");
        } else {
            log.trace("supports: is BASIC auth scheme, supports = false");
        }
        return b;
    }

    @Override
    public Object authenticate( Resource resource, Request request ) {
        log.trace( "authenticate" );
        Auth auth = request.getAuthorization();
        Object o = resource.authenticate( auth.getUser(), auth.getPassword() );
        log.trace( "result: {}", o );
        return o;
    }

    @Override
    public void appendChallenges( Resource resource, Request request, List<String> challenges ) {
        if( resource == null ) {
            throw new RuntimeException("Can't generate challenge because resource is null, so can't get realm");
        }
        challenges.add("Basic realm=\"" + resource.getRealm() + "\"");
    }

    @Override
    public boolean isCompatible( Resource resource, Request request ) {
        return true;
    }
}



On 23/03/17 21:54, 刘博 wrote:

Thanks Brad,

Milton does allow external authentication, so you can get your container to handle it. Please ensure you implement Milton's AuthenticationHandler to expose the logged in user to the milton api.

Do you have example for this?that may help me understand quickly.

Does this mean if I using the external handler ,the pop up box will dispear when user open a document.

I'm not using a customer SecurityManager.

Thanks



2017年03月23日 16:22[hidden email] 写道:

Hi,

Its great that you have things working. If you are supporting please ensure you have cookie authentication working, because Windows does not do pre-emptive authentication. This will be the case if you are using the annotation based user and authentication methods, but if you are using a custom milton SecurityManager you might need to do some extra work.

I'm very sorry, but i cant offer any information about SPEGNO. But Milton does allow external authentication, so you can get your container to handle it. Please ensure you implement Milton's AuthenticationHandler to expose the logged in user to the milton api.

Regards,

Brad


On 23/03/17 21:12, [hidden email] wrote:
Name Abel Liu
Email [hidden email]
Phone +86 18621747407
Company HSBC
Contact form /contactus

Hi Brad, I'm doing the demo using the annotation to implement webdav in my application and allow user to edit the file using MS word online. Currently it works fine for the update functionality except it pop up dialogue box require username and password every time. I saw some SSO information about milton. But I still don't know how to integrated with milton. I heard that we are using SPNEGO setup on WAS server and WAS will negotiate with browser kerbos token. In this case how we can integrate with Milton annotation. Thanks, Abel


--
Click here to create Incredible Customer Experiences.
Brad McEvoy | Co-founder
New Zealand +64 29 200 3537 W WWW.KADEMI.CO


View Patrick Hone's profile on LinkedIn


This message, including any attachments is strictly confidential and may be legally privileged. If you are not the intended recipient, you should not disclose, copy or use any part of it including attachments & should delete all copies immediately before notifying the sender at Kademi. Any information, attachments, statements or opinions contained in this message are given by the author & not on behalf of Kademi. All sent and received email from/to Kademi is automatically scanned for the presence of computer viruses, security issues and inappropriate content, However we cannot guarantee that viruses are not present in this message. Internet communications are not secure. Under no circumstances do we accept liability for any loss or damage that may result from your receipt of this message or any attachment.

_______________________________________________
Milton-users mailing list
[hidden email]
http://lists.justthe.net/mailman/listinfo/milton-users
Reply | Threaded
Open this post in threaded view
|

Re: Contact enquiry: Website enquiry: miltonio

bradmacnz
Hi,

This configuration is outside of the scope of annotations, its part of
the stack building.

Instead you configure the stack with HttpManagerBuilder (or
HttpManagerBuilderEnt)

This is intended to follow the builder pattern where you set whatever
properties you want, and then the HttpManager gets built. This pattern
is compatible with spring usage, although you can easily configure
programmatically in your own servlet filter

Here's an example showing programmatic config:

https://github.com/miltonio/milton2/blob/master/examples/milton-anno-ref/src/main/java/com/mycompany/MyOwnServlet.java

And here's an example using spring

https://github.com/miltonio/milton2/blob/master/examples/milton-anno-bandstand/src/main/resources/miltonContext.xml

/Brad


On 28/03/17 23:34, [hidden email] wrote:
>
> Hi Brad, I'm still working on the demo. I still have question about
> the AuthenticationHandler. I can see that it will load basic and other
> authentication handers. If I create a new one handler using the SSO to
> do the validation, how can I remove all of others handler and use my
> handler. I'm using the annotation way. Have you have example show how
> to implement this in a SSO way, I really don't know how to implement
> this. I told you we are using SPNEGO setup on WAS server as SSO. I Thanks
>

_______________________________________________
Milton-users mailing list
[hidden email]
http://lists.justthe.net/mailman/listinfo/milton-users