Thanks Ben,
I'll take a further look at the current CAS SSO code. I did the Single Sign On using a Tomcat Valve. Maybe I was reinventing the wheel after all. But my requirement was little bit different. I need to enable SSO for all the WAR running in my Web container whithout changing the WAR files...
By the way I was wrong saying Sun Access Manager is related to JOSSO. It seems OpenSSO is actually from Sun.
Cheers,
Jin
I'll take a further look at the current CAS SSO code. I did the Single Sign On using a Tomcat Valve. Maybe I was reinventing the wheel after all. But my requirement was little bit different. I need to enable SSO for all the WAR running in my Web container whithout changing the WAR files...
By the way I was wrong saying Sun Access Manager is related to JOSSO. It seems OpenSSO is actually from Sun.
Cheers,
Jin
----- Original Message ----
From: Ben Alex <[EMAIL PROTECTED]>
To: [email protected]
Sent: Tuesday, November 7, 2006 6:24:47 AM
Subject: Re: [Acegisecurity-developer] OpenSSO integration... what do you think?
From: Ben Alex <[EMAIL PROTECTED]>
To: [email protected]
Sent: Tuesday, November 7, 2006 6:24:47 AM
Subject: Re: [Acegisecurity-developer] OpenSSO integration... what do you think?
Hi Jin
I think there are already plugin points for each of these steps.
Jin Peng wrote:
>
> 1. Retrieve SSO token from HTTP request (usually SSO cookie)
Authentication mechanism (usually a filter).
> 2. Validate SSO token
> 3. Recreate authentication context from a valid SSO token.
Authentication provider and generally an Authentication object to pass
between the authentication mechanism and authentication provider.
> 4. Terminate a SSO token (global sign off)
Logout handler.
A couple of weeks ago I wrote the above at a client site and it took
about twenty minutes (including unit tests). It could be simplified
further by having an Authentication object contain a field to denote the
source authentication mechanism class, and a general
AuthenticationProvider which automatically accepts such objects (the
authentication mechanism would still need to be written, but you could
include an abstract method that contains the HttpServletRequest
parameter and returns an Authentication object).
Cheers
Ben
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
I think there are already plugin points for each of these steps.
Jin Peng wrote:
>
> 1. Retrieve SSO token from HTTP request (usually SSO cookie)
Authentication mechanism (usually a filter).
> 2. Validate SSO token
> 3. Recreate authentication context from a valid SSO token.
Authentication provider and generally an Authentication object to pass
between the authentication mechanism and authentication provider.
> 4. Terminate a SSO token (global sign off)
Logout handler.
A couple of weeks ago I wrote the above at a client site and it took
about twenty minutes (including unit tests). It could be simplified
further by having an Authentication object contain a field to denote the
source authentication mechanism class, and a general
AuthenticationProvider which automatically accepts such objects (the
authentication mechanism would still need to be written, but you could
include an abstract method that contains the HttpServletRequest
parameter and returns an Authentication object).
Cheers
Ben
-------------------------------------------------------------------------
Using Tomcat but need to do more? Need to support web services, security?
Get stuff done quickly with pre-integrated technology to make your job easier
Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo
http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
------------------------------------------------------------------------- Using Tomcat but need to do more? Need to support web services, security? Get stuff done quickly with pre-integrated technology to make your job easier Download IBM WebSphere Application Server v.1.0.1 based on Apache Geronimo http://sel.as-us.falkag.net/sel?cmd=lnk&kid=120709&bid=263057&dat=121642
_______________________________________________ Home: http://acegisecurity.org Acegisecurity-developer mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
