Is there a Spring Security OpenId Registration like stackoverflow?

29
votes

I cannot find a complete example anywhere of a Spring Security Web App with Open Id registration similar to stackoverflows.

I would say I'm pretty techy guy but I find Spring Security extremely intimidating with its weird Spring XML DSL.

I have found bits and pieces of how one would do the good ole' stackoverflow registration using:

But no complete examples (WAR). Does anyone know or have a working example (ie WAR) that does more than just authenticate with an in-memory openid urls?

UPDATE: The latest version of Spring Social does a very good job of managing Oauth registration. We ended up using it instead. Although its not OpenId I have grown to prefer Oauth over OpenId. For those interested in there is a project to use OpenId with spring social: https://github.com/molindo/spring-social-openid

5
spring-securityopenidregistrationspring-social
We did eventually get openid to work with spring security but I will say openid is kind of flakey. Not to mention most people these days are using Facebook and Twitter to signup.Adam Gent

5 Answers

5
votes

Have you looked at the latest version of the sample code (for the 3.1 release)?

It has several improvements to make it simpler to use Google and Yahoo authentication together (with different attribute exchange configurations simultaneously), uses a similar login dialog to stack overflow and performs simple registration in the case of users who have not previously accessed the app.

See this issue https://jira.springsource.org/browse/SEC-1431 (and the linked one) for more information.

1
votes

I know this is not really helpful in answering your Question but I am currently building a Grails based web application and initailly started using Spring Security but also found it difficult to setup.

I then changed to Apache Shiro and it is much simpler to implement. But it doesn't have support for openid out of the box, but the nimble grails plugin does so you may be able to use that as an example to write your own.

1
votes

It's not exactly OpenID, it uses Facebook Connect, but checkout Spring's GreenHouse. That's great code written by the guys from Spring you can use to jumpstart your app.

0
votes

Yes, In spring application, user can authenticate into your application with open ID provider.

1) Here is the sample example of spring open ID login application.

2) Here is the sample example of spring security social login application and blog here.