How to do authentication using LDAP, Application, Third Party application etc

Question

We will be creating a web application in java.

For User Authentication currently we are using LDAP. But we want to have some other options like application level authentication (from database) , gmail, facebook etc.

Somewhat similar to what stack overflow has on login page.

We will be maintaining a properties file which will consist of all the available options for authentication like LDAP, facebook, gmail etc.

If we want to add one more authentication service we will add it in this properties file and then we will need to add helper file which will do the actual work of doing the authentication.

This should be highly customizable.

I have following questions regarding this,

1) What is the best way to go about this? 2) How to do third party authentication like google, facebook etc?

PS: When we do the authentication using gmail etc, we will need some basic information back to our application which we can use.

Answer 1

One popular solution is Spring Security (which used to be called Acegi). It has various backend authentications and handles openID and LDAP. You could use it with the openID selector mentioned by Abdel. If you google around you can find various plugins to connect with different backend authenticators, including JAAS.

Answer 2

Stackoverflow (Stackexchange) is using a modified version of openid-selector. It is highly customizable and you can add your own selectors as well.

You can authenticate with google, facebook, and other social networking sites using openID or OAuth mechanism. You can make use of many libraries available for java.Have a look at openid4java. You can also refer to this list for libraries as well.

You can get some basic information (Name, Email, Photos etc) from Google, Yahoo or other openid providers.