Thanks, Scott. I didn't realize that this could be such a big problem. As rich client uses spring services to interact with server-side and there is acegi authentication manager in place. And if there was some SiteMinderAuthenticationProvider which can be plugged in here, wouldn't that solve my problem?
Amad
Scott McCrory <[EMAIL PROTECTED]> wrote:
Amad
Scott McCrory <[EMAIL PROTECTED]> wrote:
I've never seen Siteminder used to protect client-side apps because we've always used it as a server-side ISAPI filter or Apache module. I'd recommend first checking with Siteminder to see what their solutions are for rich client apps, then once you know the mechanism of how the user's identity is passed into your app, then you can figure out what kind of adapter is necessary.Good luck!ScottQuoting Amad Fida <[EMAIL PROTECTED]>:
> All -
>
> We have spring rcp based app, which is deployed using Java Webstart.
> In rich client case there is method level security and not the URL
> filter based security. And we also have our own login dialog which we
> present user at startup to authenticate.
>
> I am not sure how do we use SiteMinder authentication in this setup?
>
> One possibility is to protected the jnlp link and use the Siteminder
> authentication filters but once authenticated how does the richclient
> knows about that authentication to get authorization info?
>
> Any ideas or help will he greatly appreciated.
>
> Amad
>
>
>
> ---------------------------------
> Yahoo! Photos
> Ring in the New Year with Photo Calendars. Add photos, events,
> holidays, whatever.
Yahoo! Photos Showcase holiday pictures in hardcover
Photo Books. You design it and well bind it!
