2

All, We are building a J2EE application with Spring security, want to use Open AM for generating security tokens. Please suggest the best practices/approach for this. Appreciate if you can provide any links and code samples.

Chakri
  • 1,013
  • 1
  • 11
  • 14
  • what are you going to do with the security tokens? – sourcedelica Jan 05 '12 at 15:33
  • They are used for authentication/authorization in the services layer. As we are doing it first time, want to get best practices. Appreciate your help. – Chakri Jan 05 '12 at 16:40
  • Please give more detail in your question about how you see it working. – sourcedelica Jan 05 '12 at 18:20
  • We have a secured business service (Service2) that is called by another service (Service1). To authenticate, they use openam generated tokens. Consumer of Service1 will generate a token and send it to Service1, which uses to call Service2. – Chakri Jan 09 '12 at 14:47

2 Answers2

1

Please see my articles on generic info related to Openam concepts http://reddymails.blogspot.com/2013/03/sso-for-java-or-net-web-based.html

and Steps to integrate JSF 2 web application with Openam using Spring SAML extension and Spring Security. http://reddymails.blogspot.com/2013/06/integrating-jsf-web-applicataion-with.html

You can follow the same steps for any J2ee based web application. It doesnt matter if its JSF or JSP or Struts based.

Reddymails
  • 793
  • 1
  • 10
  • 24
0

There's a great page on the OpenAM wiki which explains how to integrate OpenAM with Spring Security.

rmeakins
  • 1,309
  • 8
  • 13
  • Whilst this may theoretically answer the question, [it would be preferable](http://meta.stackexchange.com/q/8259) to include the essential parts of the answer here, and provide the link for reference. – BoltClock Apr 25 '12 at 20:53