views:

103

answers:

0

We are using Spring security in our application with support for username / password based authentication as well as Open id based authentication.

The issue is that google gives a different open id for the return url specified and we have at least 2 different entry points in our application from where open id is configured into our system.

Hence we decided to use open id realm.

http://blog.stackoverflow.com/2009/0...ue-per-domain/

http://groups.google.com/group/googl...unts-api?pli=1

how is it possible to integrate realm into our spring configuration/code ? This is how we are doing it in traditional openid library code:

AuthRequest authReq = consumerManager.authenticate(discovered, someReturnToUrl,"http://www.example.com");

This works and gives same open id for different urls from our site.

our configuration:

Code:

... 
<http auto-config="false"> 
    <!-- <intercept-url> tags are here  --> 
    <remember-me user-service-ref="someRememberedService" key="some key" /> 
    <form-login login-page="/Login.html" authentication-failure-url="/Login.html?error=true" always-use-default-target="false" default-target-url="/MainPage.html"/> 
    <openid-login authentication-failure-url="/Login.html?error=true" always-use-default-target="true" default-target-url="/MainPage.html" user-service-ref="someOpenIdUserService"/> 
</http> 
... 
<beans:bean id="openIdAuthenticationProvider" class="org.springframework.security.providers.openid.OpenIDAuthenticationProvider">
    <custom-authentication-provider />
    <beans:property name="userDetailsService" ref="openIdUserService"/>
</beans:bean>
<beans:bean id="openIdUserService" class="some.package.OpenIDUserDetailsService">
</beans:bean>
...