Sorry about that. I always feel sorry for the poor readers if one can't understand what I mean. Looks I failed again to properly expressing myself. Thanks for your patience.
Originally Posted by stoicflame
First, I'm not sure that there's anything that needs to be added to the library (hope my message didn't imply that). I was simply wondering how I need to configure OAuth for Spring Security to achieve c). It may be possible or it may be not. I'm not familiar with the code yet to tell.
The Tonr 2 example shows how to request resources from Facebook on behalf of the user. However, the example still requires the user to log into Tonr 2 using his Tonr username/password combination i.e. the user can't use his Facebook credentials to access Tonr's /facebook/** resources.
I want to support a-c in one and the same application. It will be similar to http://www.gerixsoft.com/user/login (Facebook integration seems broken). The application has one single login page but conceptually three different login forms: username/password, OpenID, link to Facebook with redirect URL.
<http auto-config='true' access-denied-page="/login.jsp">
<intercept-url pattern="/facebook/**" access="ROLE_USER" />
Thanks to the "Spring Security 3" book chapter 8 I've got OpenID covered. So, a) and b) work just fine. I offer two login options on login.jsp. Excerpt from the configuration:
How is it possible to add OAuth for Spring Security configuration elements to achieve c)?
<http auto-config="true" use-expressions="true">
<intercept-url pattern="/login.jsp" access="permitAll" />
<intercept-url pattern="/*" access="hasRole('ROLE_USER')" />
<form-login login-page="/login.jsp" login-processing-url="/login" default-target-url="/"/>
<logout logout-url="/logout" />
<openid-attribute name="firstName" type="http://schema.openid.net/namePerson/first" />
<openid-attribute name="lastName" type="http://schema.openid.net/namePerson/last" />