I forgot to mention the glue between the two (AREA-C, and MT-Java). The user has to be authenticated via the mid-tier (may be login.jsp, may not be, depending on previous session credentials), but at the same time needs to be authenticated to the AREA plugin. The approach I've seen is to leave a door in the AREA plugin that explicitly allows the mid-tier session to authenticate based on the credentials established on the Java side. These credentials do not pass the login/password back to the AREA plugin, per say, but some other bits that lets the AREA plugin know that (1) this session was initiated from the mid-tier and (2) that valid credentials were provided to the authentication mechanism the sso/mid-tier solution is implementing.
Axton Grams On 1/4/07, Axton <[EMAIL PROTECTED]> wrote:
You are going to need both C and Java skills to develop and SSO solution. The AREA plugin architecture revolves around C while the mid-tier revolves around Java. There is no avoiding either of these. The biggest problem I see in the SSO arena is that there is no formalized architecture for it's implementation. Different solutions approach the problem differently. Can you provide some details on your environment? Web server, sso software, authentication scheme, etc. Axton Grams On 1/4/07, Suresh Kannan <[EMAIL PROTECTED]> wrote: > > Sorry, In my posting I meant remedy support is not willing to fix the > sample for 7.0.1 version. > > > _______________________________________________________________________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where > the Answers Are" >
_______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org ARSlist:"Where the Answers Are"
