Gurus, I have a JAAS login module that authenticates a user based on an http cookie (we could say it asserts a previously authenticated user). My J2EE apps uses container-managed security with form-based authentication. As far as I understand, valves works pretty much like servlet filters, with the exception that they can intercept requests for container-protected resources. So I am guessing if its possible to use a valve to intercept a request, perform login based on a cookie and then let the request flow so the user is not asked for his username/password credentials. Yes, we can say this a form to achieve SSO.
Any other approaches? Many thanks, Andre. View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4095872#4095872 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4095872 _______________________________________________ jboss-user mailing list [email protected] https://lists.jboss.org/mailman/listinfo/jboss-user
