0

Im trying to make my Bonita account authentication openID- enable login through a google account. Here http://documentation.bonitasoft.com/single-sign-cas they provide the way of doing it("Configure Bonita client for CAS"). My question is: how should I get the following parameters specified in the link: ip_address:port from google(gmail)? as probably noticed, im newly to be in this section. Any help will be deeply appreciated.

pomme
  • 45
  • 6

3 Answers3

0

Bonita BPM will not interact with OpenID protocol out of the box. However it supports the CAS protocol in the subscription editions.

What you probably need to do is to configure your CAS server to act as an authentication proxy.

Here is how it could work in theory (not sure it is feasible):

  1. Bonita BPM relays user authentication to your CAS server using the CAS protocol.
  2. Your CAS server delegates the user authentication to an OpenID provider such as google. Here is how you could activate OpenID support on the CAS server: http://jasig.github.io/cas/4.0.x/protocol/OpenID-Protocol.html

An alternative solution could also be to implement a specific Bonita authentication service for OpenID (this requires Java development). In that case you would no longer need CAS. I know for a fact that this is possible.

Be aware that both solutions are technically not trivial to put in place.

Cheers,

POZ
  • 583
  • 4
  • 11
  • thank you, ill try it. However considering the alternative solution, could u describe it a bit further? some good points to start from and main points to take care of would be great(im good in java but quite knowless in openId and cas stuff. – pomme Feb 12 '15 at 14:58
  • based on this article, http://www.ibm.com/developerworks/library/j-openid/ 1) in my case, will the openId provider(OP) be google? will my java code represent the relying party(RP)? if so.. 2) HOW do I make sure the user agent(browser, bonita) is directed to my java code (the RP) for authentication? 3) HOW do I access the OP(google?) to fwd him the user agent request? the question is how do I get the OP details(url?port?ip?) to accomplish the browser redirection for authentication by that specific OP? – pomme Feb 12 '15 at 15:33
0

You can integrate the BonitaBPM Subscription Edition with a Jasig CAS server:

http://documentation.bonitasoft.com/single-sign-cas-0

The CAS server can be configured to get it's authentication from OpenID as can be found here:

http://jasig.github.io/cas/4.0.x/protocol/OpenID-Protocol.html

Martijn Burger
  • 7,315
  • 8
  • 54
  • 94
0

I could integrate Bonita Community 7.7.4 with Apereo CAS. Details are here: https://github.com/sparse91/bonita-community-cas.

sparse
  • 139
  • 1
  • 5