Can someone help me in implementing OpenID, Facebook Connect and Twitter OAuth in a ColdFusion 9 application as single signon. I have checked ColdFusion-based OpenID script on RiaForge and lost in the middle to store returning authenticated data into the database. I could not find good tutorials regarding this. If some can guide me a way, it would be great. Thanks.
The ColdFusion Meetup group has a presentation about this recently:
"CFMeetup: Authentication made easy using Twitter/Facebook/Google/more"
http://experts.adobeconnect.com/p6wit9dnz39/
Charlie Arehart maintains a large list of CF presentations here: http://www.carehart.org/ugtv/
Related
I need to connect to the google ads API with a coldfusion application. I already setup a connection to the google analytics API with the use of a code written by Jen (https://github.com/jensbits/CF-GA-service/blob/master/cfanalytics/cfanalytics.cfc).
I know this is not a straight forward question, but I am stuck on how to proceed this for google ads. Is there any reference material online that explains how to do this in coldfusion? Or can anyone help with the first steps setting this up.
At work we have a system set up running a ThinkTecture IndentityServer SSO provider which currently provides authentication for several .NET and ColdFusion sites. I am currently working on a new site we are supporting in Ruby on Rails and am having difficulty figuring out how to connect it to the SSO. (I'm pretty new to rails, but a long time developer in CF and .NET)
I've looked at the omniauth-oauth2 and oauth2 gems but it seems there are important parts missing from the documentation and explanations I can find. There is a ton of info if I wanted to authenticate using Twitter, Facebook or something similar, but I can't find anything that just addresses the client side for any generic OAuth2 provider.
I'm just looking for someone to point me in the right direction to find information on how I can do this. I don't care if it's specific to IdentityServer or just generic regardless of the provider. Thanks for the help.
Update: Just so you know, I would prefer to use OAuth2 for this connection, but I am not opposed to using any of the other ways that IdentityServer provides, including ADFS, WSFed or Simple HTTP. I can't use OpenID, though, because these accounts are specific to our system and can't be used for other systems.
You really need an open id connect library.
http://openid.net/developers/libraries/
It turns out this is pretty easy, overall. The difficulty is that there is no straight answer to the question. How you connect to IdentityServer entirely depends upon how IdentityServer is set up.
I'm not going to post my exact code, as this will not help anyone who doesn't have IdentityServer set up exactly the same way we do, and as I don't have access to the IdentityServer, I can't say exactly how that is. I will explain the overall solution, though.
The only gem needed for this is JWT
Get key codes from IdentityServer admin (client id, secret key, sign key)
Build login URL according to configuration of IdentityServer
Redirect user to login path generated in the last step
Receive token back from IdentityServer
Decode and verify using the JWT.decode function
From there you just have a JSON string with your data.
I am building a facebook application (using Django) in which I have to read data from blogs using Google Blogger Data API. The blog could be any public blog.
So, what kind of authentication/ authorization mechanism I should use in Google Blogger API for my application and how? I don't want a redirected Google log-in page to open in my app.
Google Console also provides API Key by which we can read public data but I am not sure if it is really a right choice for my app.
I am currently using ClientLogin under development.
I even got a weird idea of using ClientLogin even after the release to read data from my blog as it doesn't limit the number of requests/ day. Does that make my blog insecure?
Using OAuth Service protocols or Google API Access tokens for pulling public data would do that job.
In 2009, someone asked for 'the best' ColdFusion OpenID solution. I'd like to revisit the question again because it looks like the OpenID projects on RiaForge are getting dated.
Q: Is that because OpenID hasn't changed much?
I signed up for Google oauth, but I think that's more than what I need because oauth has to do with gaining access to someone's calendar or GMail account, and I'm just looking for the same type of login as on StackOverflow.
I watched the cfmeetup video OAuth demystified and got lost in the explanation. Maybe I should watch it again...
I'm actually using the OpenID CFC from RIAForge for a couple of projects, but I'm wondering if OpenID's day has come and gone.
Is your goal to delegate authentication to other services (Google, Yahoo, etc) or to authenticate clients on your site using a local user account? OAuth is more for the latter than the former.
There does appear to be a new player that looks to solve the same problem as OpenID: BrowserID.
I will launch soo a new iPhone app and want to off-load the forums to my actual FogBugz On Demand account.
However, I discover that FOD have no facility to integrate Single sing-on. I use django and have the option to use open-id, but not know if exist a way to make this happend.
Obviously, I could hack a simple forums like the one on FogBugz in django or reuse one, but I just think that aintegrated forum with the bug tracking is the best thing.
Any idea?
FogBugz On Demand now natively includes some authentication methods other than the standard username/password authentication.
Setting up authentication with Google's OAuth is quite simple for companies using Google Apps for work email. Once an administrator enables OAuth following the instructions in this article on Fog Creek Software's help site, logging in is as simple as clicking the OAuth button on the login page. All of the users' settings are retained.
If you’re already managing the rest of your authentication through a SAML 2.0 provider, you can also use your identity provider for FogBugz login. Steps for configuring SSO can be found in this article. This requires a bit more configuration than OAuth, but will work for companies that don't use Google Apps for email.
Of course, if you have any questions about configuring SSO in FogBugz, you can always contact customer support at http://www.fogcreek.com/contact/.
From the FogBugz forum:
http://support.fogcreek.com/default.asp?fogbugz.4.102256.3
I believe this is you there also. The answer provided shouldn't be too difficult to implement.