Feb 14th, 2013, 06:45 PM
Is there any resource/link that shows how to customize the UAA for our app usage?
So, I have the UAA project downloaded to my computer and want to use it for our environment. So using our database for users, our virtual machines for hosting, and our applications accessing it. But the current download seems tied, in a way to cloudfoundry. Not in that it logins through cloudfoundry, but the UI login page, which should be in our own webapp with other stuff.
I am just looking for a post or tutorial that steps through it.
Feb 15th, 2013, 03:26 AM
I have a blog started on that but it isn't published yet. If you look at the next release of the UAA (on the "develop" branch currently) it is whitelabelled, and all the branding is in the login-server (also in the cloudfoundry github account). The login-server is used for branding and authentication, so that might be the best place to customize those things (but you could still just replace or edit the JSPs in the UAA if you want something super simple).
Feb 15th, 2013, 10:28 AM
Well you can't replace the jsps as they stand because they are too coupled with tags and scripts. So there is no way to figure out what is changeable, what can be removed, and what is required. So definitely no replacement, and very difficult to maintain and edit. The scripts in those pages really need to be put into a .js file.
Anyway, we aren't using those pages, we have our own web app that has a login screen and we are using that one.
However, I also should have mentioned that I also mean customizing internals. For instance all the URLs that are used to grant and get tokens. Also when someone logs in with their username/password we send them a token, but we have other work we need to do at that point, like put some information into Redis for those other socket applications. Our user data will still be stored in Postgres still.
Feb 15th, 2013, 11:14 AM
In regards to my Redis functionality that I want to add.
I think, so far, I have come up with two approaches. One that modifies UAA common code, and one that doesn't
1) Modify LoginAuthenticationManager at the end of the authenticate method, put the information up into Redis. This I think would work and at that point it is easy to get user information, however I don't see how I can get their access token information.
2) Create a Spring Security Filter and figure out what to code into it, and figure out where in the chain it should go.