[JBoss-user] [Security & JAAS/JBoss] - Use SSO for login with JBoss 4.0

Tue, 21 Sep 2004 05:44:51 -0700 

Hi, 

I want to use a Single Sign-On method to log in my application (to access my protected 
resource) using JBoss 4.0. How this is works? The user logs in an application (not 
mine).  Then he wants to access my application without entering (again) its 
credentials.  So its application sends to my application an encrypted assertion (like 
SAML as a parameter to the HTTP request or using SOAP over HTTP).  

So how can I (my LoginModule) get this information, this assertion? (Without using a 
filter, if possible.  I want to use the security-constraint and login-config elements.)

And how my LoginModule can be called without using a auth-method?  When I set NONE as 
auth-method, I have the HTTP 403 error before my LoginModule is called. This error is: 
Cannot perform access control without an authenticated principal.

This is my web-security.xml configuration:

<!-- Security settings -->
   <security-constraint>
     <web-resource-collection>
       <web-resource-name>Restricted</web-resource-name>
       Declarative security tests
       <url-pattern>/myApplication/*</url-pattern>
       <http-method>HEAD</http-method>
       <http-method>GET</http-method>
       <http-method>POST</http-method>
       <http-method>PUT</http-method>
       <http-method>DELETE</http-method>
     </web-resource-collection>
     <auth-constraint>
       <role-name>admin</role-name>
     </auth-constraint>
     <user-data-constraint>
       no description
       <transport-guarantee>NONE</transport-guarantee>
     </user-data-constraint>
   </security-constraint>

   <login-config>
     <auth-method>NONE</auth-method>
     <realm-name>realmSSO</realm-name>
   </login-config>

Thanx a lot!


View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3848944#3848944

Reply to the post : 
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3848944


-------------------------------------------------------
This SF.Net email is sponsored by: YOU BE THE JUDGE. Be one of 170
Project Admins to receive an Apple iPod Mini FREE for your judgement on
who ports your project to Linux PPC the best. Sponsored by IBM.
Deadline: Sept. 24. Go here: http://sf.net/ppc_contest.php
_______________________________________________
JBoss-user mailing list
[EMAIL PROTECTED]
https://lists.sourceforge.net/lists/listinfo/jboss-user

Reply via email to