Skip to main content

Posts

Showing posts from August, 2012

Spring Security and Regular Expression User Details Wrapper

Spring Security provides out of the box support for integrating with Single Sign On systems through its org.springframework.security.web.authentication.preauth.PreAuthenticatedAuthenticationProvider object. For example you can use this to integrate with CA's SiteMinder or Oracle IDM system. In one of my recent projects, we were integrating our custom build Java application with OracleAS 10g SSO. This SSO system as part of OracleAS integrates with Oracle Internet Directory and  injects the following header attributes for integrated partner applications. Osso-User-Dn Osso-User-Guid Osso-Subscriber Osso-Subscriber-Dn Osso-Subscriber-Guid http://docs.oracle.com/cd/B28196_01/idmanage.1014/b15997/mod_osso.htm   provides more details on OracleAS SSO application development.  Each of these attributes have different formats. In our environment, standard was to use Oss-User-Dn which contained values in the following format cn=username, cn=Users,dc=department,dc=company,dc=com. Ou