I understand now. Thanks for the details. I never tried to implement it, but, I think that the only way to do a fairly secure SSO mechanism between your client and server on windows is to use something like windows SSPI (see http://www.winterdom.com/dev/security/sspi.html) to implement a JAAS login module. The JAAS login module will probably have to work like the SRPLoginModule as the SSPI mandates a few roundtrips between the client and server during the authentication process.
Thomas View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3866021#3866021 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3866021 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
