"Legga" wrote : Do I understand right that I need an implementation of Valve interface running as a valve on Tomcat and for every request that has not been authenticated yet, it should connect to JBoss, perform the authentication and populate local subkect with principals received remotely from JBoss?
I'm a jaas newbie but, If I understodd well the "valve" scott is speaking about is the ClientLoginModule shipped with JBoss. This login module do not perform authentication but merely pass to the ejb layer the credential coming from elsewhere (web layer). Look here: http://www.jboss.org/wiki/Wiki.jsp?page=ClientLoginModule Scott wrote a JAAS howto which explains nearly everything (I still have a lot of question): http://sourceforge.net/docman/display_doc.php?docid=18240&group_id=22866 So for example you configure tomcat whit a form login authentication and you pass these info on the server side where you can perform the server authentication on db or ldap. Then the ClientLoginModule acts as a valve... Bye -- Davide [/url] View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3873929#3873929 Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3873929 ------------------------------------------------------- SF email is sponsored by - The IT Product Guide Read honest & candid reviews on hundreds of IT Products from real users. Discover which products truly live up to the hype. Start reading now. http://ads.osdn.com/?ad_id=6595&alloc_id=14396&op=click _______________________________________________ JBoss-user mailing list [email protected] https://lists.sourceforge.net/lists/listinfo/jboss-user
