Forum Post: RE: OE REST Login WebApp

Status
Not open for further replies.
M

Michael Jacobs

Guest
The appSecurity*.xml files are 90% pure Spring. About 5% is OE extensions to inject CORS support and AppServer SSO conversion to Client-Principal. Another 2% is a Spring compliant provider for the OERealm support. The last 3% is subclassed Spring objects that respond with JSON payloads for authn success, failure, and invalid sessions for JavaScript (JSDO) clients when they accept the type application/json. Even the OE written Spring beans conform to Spring's framework and configuration file schema. It's all there in the Spring documentation if one has a requirement for handling special use-cases and intestinal fortitude to dig into the how and why. General statement: Anything OE written in the appSecurity configurations "should" have documentation that describes its purpose, relationship to Spring security processes, and its configuration options. I guess filling in the blanks is why this forum exists. Continue asking - I'll continue helping you have fun with your new toys. Mike J.

Continue reading...
 
Status
Not open for further replies.

Similar threads

M
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: PASOE: access to the HTTP Authorization header from web handler
Replies
0
Views
903
Michael Jacobs
M
O
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: FORBIDDEN as response from PASOE
Replies
0
Views
2K
OctavioOlguin
O
M
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: FORBIDDEN as response from PASOE
Replies
0
Views
1K
Michael Jacobs
M
M
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: RE: PASOE - Redirect to Auth Server in oauth2 client login model?
Replies
0
Views
451
Michael Jacobs
M
S
  • Locked
[Progress Communities] [Progress OpenEdge ABL] Forum Post: Reusing existing domains/authentication system callbacks with Spring security
Replies
0
Views
247
Simon L. Prinsloo
S
Top