I need to create a CUSTOM LOGIN PAGE in place of default login page of
'eclipse-aggregate-gae' project.
I've attached the default login page where a 'pop-up' appears which is of
spring-security system. I need to get rid of that pop-up and perform login
via my custom page.
I've attached the login-form of custom page. Now when I click the 'Login'
button it should go to redirection page as that of default system.
I removed the following lines from 'applicationContext-security.xml' :
i.e. all the occurrences of "local_login.html". The result was pop-up got
removed but I am not able to login via my page. How am I suppose to use
spring-security and login from my page.
What do you want this custom login page to do? Are you just trying to
pretty-up the UI?
Or are you trying to integrate with an authentication source/service other
than OpenID?
Keep in mind that if you want to restrict access to some features for some
users of ODK Aggregate, you will need to populate the relevant tables
within ODK Aggregate with the permissions granted to those users. This may
affect how you proceed.
If you are just trying to pretty-up the UI, you are out-of-luck. The ODK
Aggregate login sequence uses digest auth, and the ugly pop-up that is
presented to the user is something defined by the browser, not by the
application. I am unaware of any ability to clean up or improve that login
pop-up through browser add-ons.
Mitch
···
On Fri, Aug 9, 2013 at 4:43 AM, subash basnet wrote:
I need to create a CUSTOM LOGIN PAGE in place of default login page of
'eclipse-aggregate-gae' project.
I've attached the default login page where a 'pop-up' appears which is of
spring-security system. I need to get rid of that pop-up and perform login
via my custom page.
I've attached the login-form of custom page. Now when I click the 'Login'
button it should go to redirection page as that of default system.
I removed the following lines from 'applicationContext-security.xml' :
i.e. all the occurrences of "local_login.html". The result was pop-up got
removed but I am not able to login via my page. How am I suppose to use
spring-security and login from my page.
I need to create a login page which does the task of login to the system
via that page instead of the ugly pop-up. I would want to get rid of pop-up
and login via a page.
Thanking in Advance
···
On Friday, August 9, 2013 10:27:05 PM UTC+5:45, Mitch wrote:
>
> Stepping back a bit....
>
> What do you want this custom login page to do? Are you just trying to
> pretty-up the UI?
>
> Or are you trying to integrate with an authentication source/service other
> than OpenID?
>
> Keep in mind that if you want to restrict access to some features for some
> users of ODK Aggregate, you will need to populate the relevant tables
> within ODK Aggregate with the permissions granted to those users. This may
> affect how you proceed.
>
>
> If you are just trying to pretty-up the UI, you are out-of-luck. The ODK
> Aggregate login sequence uses digest auth, and the ugly pop-up that is
> presented to the user is something defined by the browser, not by the
> application. I am unaware of any ability to clean up or improve that login
> pop-up through browser add-ons.
>
> Mitch
>
>
>
>
> On Fri, Aug 9, 2013 at 4:43 AM, subash basnet <yasu...@gmail.com wrote:
>
>> I need to create a *CUSTOM LOGIN PAGE* in place of default login page of
>> 'eclipse-aggregate-gae' project.
>>
>> I've attached the default login page where a 'pop-up' appears which is of
>> spring-security system. I need to get rid of that pop-up and perform login
>> via my custom page.
>> I've attached the login-form of custom page. Now when I click the 'Login'
>> button it should go to redirection page as that of default system.
>>
>> I removed the following lines from 'applicationContext-security.xml' :
>>
>> > "channelProcessingFilter,securityContextPersistenceFilter,logoutFilter,oauth2ResourceFilter,oobAuthFilter,${security.server.deviceAuthentication}AuthFilter,requestCacheAwareFilter,anonymousFilter,securityContextHolderAwareFilter,sessionManagerFilter,localExceptionTranslationFilter,filterSecurityInterceptor"
>> />
>>
>> > "${security.server.channelType}" />
>>
>>
>>
>> i.e. all the occurrences of "local_login.html". The result was pop-up got
>> removed but I am not able to login via my page. How am I suppose to use
>> spring-security and login from my page.
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "ODK Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to opendatakit-developers+unsubscribe@googlegroups.com
>> .
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>>
>>
>
>
>
> --
> Mitch Sundt
> Software Engineer
> University of Washington
> mitche...@gmail.com
>
Stepping into the conversation, is there a topic where is discussed deeper
the custom authentication?
I'm starting a project where ODK is the chosen base system, but auth needs
to be validated via standard REST Api from the company, so I could ask this
WebService if the user exists and has the correct info, and then after
that, I show up this login pop-up?
Do you suggest any other approach?
Thanks in advance
···
On Friday, August 9, 2013 at 11:42:05 AM UTC-5, Mitch wrote:
>
> Stepping back a bit....
>
> What do you want this custom login page to do? Are you just trying to
> pretty-up the UI?
>
> Or are you trying to integrate with an authentication source/service other
> than OpenID?
>
> Keep in mind that if you want to restrict access to some features for some
> users of ODK Aggregate, you will need to populate the relevant tables
> within ODK Aggregate with the permissions granted to those users. This may
> affect how you proceed.
>
>
> If you are just trying to pretty-up the UI, you are out-of-luck. The ODK
> Aggregate login sequence uses digest auth, and the ugly pop-up that is
> presented to the user is something defined by the browser, not by the
> application. I am unaware of any ability to clean up or improve that login
> pop-up through browser add-ons.
>
> Mitch
>
>
>
>
> On Fri, Aug 9, 2013 at 4:43 AM, subash basnet <yasu...@gmail.com > wrote:
>
>> I need to create a *CUSTOM LOGIN PAGE* in place of default login page of
>> 'eclipse-aggregate-gae' project.
>>
>> I've attached the default login page where a 'pop-up' appears which is of
>> spring-security system. I need to get rid of that pop-up and perform login
>> via my custom page.
>> I've attached the login-form of custom page. Now when I click the 'Login'
>> button it should go to redirection page as that of default system.
>>
>> I removed the following lines from 'applicationContext-security.xml' :
>>
>> > "channelProcessingFilter,securityContextPersistenceFilter,logoutFilter,oauth2ResourceFilter,oobAuthFilter,${security.server.deviceAuthentication}AuthFilter,requestCacheAwareFilter,anonymousFilter,securityContextHolderAwareFilter,sessionManagerFilter,localExceptionTranslationFilter,filterSecurityInterceptor"
>> />
>>
>> > "${security.server.channelType}" />
>>
>>
>>
>> i.e. all the occurrences of "local_login.html". The result was pop-up got
>> removed but I am not able to login via my page. How am I suppose to use
>> spring-security and login from my page.
>>
>>
>>
>> --
>> You received this message because you are subscribed to the Google Groups
>> "ODK Developers" group.
>> To unsubscribe from this group and stop receiving emails from it, send an
>> email to opendatakit-developers+unsubscribe@googlegroups.com
>> .
>> For more options, visit https://groups.google.com/groups/opt_out.
>>
>>
>>
>
>
>
> --
> Mitch Sundt
> Software Engineer
> University of Washington
> mitche...@gmail.com
>
The ugly pop-up is because we are using digest auth, which is the
authentication protocol used between ODK Collect and the server.
You need to leave digest-auth in place if you want to use ODK Collect
without modification.
You can add another auth mechanism (e.g., form-based auth). Read up on
Spring. It is not a trivial change.
···
On Mon, Aug 12, 2013 at 3:57 AM, subash basnet wrote:
I need to create a login page which does the task of login to the system
via that page instead of the ugly pop-up. I would want to get rid of pop-up
and login via a page.
Thanking in Advance
On Friday, August 9, 2013 10:27:05 PM UTC+5:45, Mitch wrote:
Stepping back a bit....
What do you want this custom login page to do? Are you just trying to
pretty-up the UI?
Or are you trying to integrate with an authentication source/service
other than OpenID?
Keep in mind that if you want to restrict access to some features for
some users of ODK Aggregate, you will need to populate the relevant tables
within ODK Aggregate with the permissions granted to those users. This may
affect how you proceed.
If you are just trying to pretty-up the UI, you are out-of-luck. The ODK
Aggregate login sequence uses digest auth, and the ugly pop-up that is
presented to the user is something defined by the browser, not by the
application. I am unaware of any ability to clean up or improve that login
pop-up through browser add-ons.
Mitch
On Fri, Aug 9, 2013 at 4:43 AM, subash basnet yasu...@gmail.com wrote:
I need to create a CUSTOM LOGIN PAGE in place of default login page
of 'eclipse-aggregate-gae' project.
I've attached the default login page where a 'pop-up' appears which is
of spring-security system. I need to get rid of that pop-up and perform
login via my custom page.
I've attached the login-form of custom page. Now when I click the
'Login' button it should go to redirection page as that of default system.
I removed the following lines from 'applicationContext-security.**xml' :
i.e. all the occurrences of "local_login.html". The result was pop-up
got removed but I am not able to login via my page. How am I suppose to use
spring-security and login from my page.
--
You received this message because you are subscribed to the Google
Groups "ODK Developers" group.
To unsubscribe from this group and stop receiving emails from it, send
an email to opendatakit-developers+**unsubscribe@googlegroups.com.
For more options, visit https://groups.google.com/**groups/opt_outhttps://groups.google.com/groups/opt_out
.
--
Mitch Sundt
Software Engineer
University of Washington mitche...@gmail.com
The easiest solution is to place the Tomcat server behind a gateway (e.g.,
Apache2) server that does authentication and then forwards the requests to
Tomcat.
To make this work with SSL (https), you need the forwarding connection
between the Apache2 server and the Tomcat server configured to use SSL
(just install the certificate on the Apache2 server and also install it on
the Tomcat server, and set up the forwarding to use https; configure Tomcat
to have
ports that are only open to local traffic and when you run the ODK
Aggregate installer, specify the ports and hostname used by the Apache2
server).
Otherwise, if you must modify the source, see the "OutOfBand..." set of
classes that handle authentication via Google's AppEngine UserService.
These could be modified or copied to handle authentication through another
service. They are under:
src/main/java/org/opendatakit/common/security
and the configuration file that specifies the security configuration is:
···
On Tue, Nov 24, 2015 at 7:40 PM, Julián R Figueroa wrote:
Hi Mitch!
Stepping into the conversation, is there a topic where is discussed deeper
the custom authentication?
I'm starting a project where ODK is the chosen base system, but auth needs
to be validated via standard REST Api from the company, so I could ask this
WebService if the user exists and has the correct info, and then after
that, I show up this login pop-up?
Do you suggest any other approach?
Thanks in advance
On Friday, August 9, 2013 at 11:42:05 AM UTC-5, Mitch wrote:
Stepping back a bit....
What do you want this custom login page to do? Are you just trying to
pretty-up the UI?
Or are you trying to integrate with an authentication source/service
other than OpenID?
Keep in mind that if you want to restrict access to some features for
some users of ODK Aggregate, you will need to populate the relevant tables
within ODK Aggregate with the permissions granted to those users. This may
affect how you proceed.
If you are just trying to pretty-up the UI, you are out-of-luck. The ODK
Aggregate login sequence uses digest auth, and the ugly pop-up that is
presented to the user is something defined by the browser, not by the
application. I am unaware of any ability to clean up or improve that login
pop-up through browser add-ons.
Mitch
On Fri, Aug 9, 2013 at 4:43 AM, subash basnet yasu...@gmail.com wrote:
I need to create a CUSTOM LOGIN PAGE in place of default login page
of 'eclipse-aggregate-gae' project.
I've attached the default login page where a 'pop-up' appears which is
of spring-security system. I need to get rid of that pop-up and perform
login via my custom page.
I've attached the login-form of custom page. Now when I click the
'Login' button it should go to redirection page as that of default system.
I removed the following lines from 'applicationContext-security.xml' :
i.e. all the occurrences of "local_login.html". The result was pop-up
got removed but I am not able to login via my page. How am I suppose to use
spring-security and login from my page.
