anonymous wrote :
| 1) What I would like to know is why I have to setup the JAAS module
|
| I have written my own LoginProvider and I am authenticating user, also the
roles changes quite frequently. As The Loginprovider getRoles method solves my
purpose and i can fetch roles from Database or LDAP.
|
The LoginProvider is more of a data access component to get your authentication
data and role information. This has to be integrated with a component that
actually uses this data. The JAAS module is provided as a standard integration
out-of-the-box. JAAS is the standard way to perform authentication in a J2EE
environment so that the logged in Subject is then identified by other systems
of the application server like EJB layer, Web layer etc. The tomcat valves
provide this JAAS integration.
anonymous wrote :
| 2) In the context.xml of my web application
| When I define the URL of my Logout page, Do I have to do anything specific
in that page?
|
This is the URL that performs the logout functionality of your application.
This is used by the Federated Single Sign Out function of the framework. You
don't have to do anything special on this page except make sure the user is
logged out when this URL is called.
anonymous wrote :
| 3) In the context.xml when I define
| assertingParty="{uniqueId to identify this web application in the
federation}"
|
Asserting Party identifies your node as a partner in the Federation. It is a
free form value and is not processed by the application. It shows up in the
SAML token that is propagated within the Federation. It identifies the node
that actually authenticated the user and issued the SAML token
anonymous wrote :
| 4) Is there any agent code whcih I can use in my web application whcih
tells me if user is logged in or not ? I maen how can I find out if this user
has already logged on some other web application
|
There are many ways depending on your environment. If you use JAAS based
authentication you can tell by the presence of the Principal object.
In this framework, the presence of the SAML token as a cookie on the incoming
http request also tells you if the user has been authenticated.
If would really recommend using JAAS as your authentication system.
anonymous wrote :
| 5) What exactly is this
| application-policy name="{your web application identifier}"
|
This is part of JAAS module configuration. It identifies the web application
that this module should be applied to. For details on JAAS configuration please
look at : http://wiki.jboss.org/wiki/Wiki.jsp?page=JBossSX
Also, for example of JAAS setup you can refer to the component/jboss_sso_test
module for ideas
Thanks
Sohil
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3982505#3982505
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3982505
_______________________________________________
jboss-user mailing list
[email protected]
https://lists.jboss.org/mailman/listinfo/jboss-user
