Thanks for the feedback. Since J2 integrates with JAAS, would it make sense to have J2 create a JAAS subject for a logged-in user, then store this as a PortletSession attribute? Then, the portlet could access the JAAS subject to extract principals and credentials from the Subject. With the obtained credential, the portlet could then connect via URL using "HTTP basic" authentication (among other possibilities).
One more thing: My initial thought was to create DB schema to hold credentials, then build a service layer for portlets to access. This is because in my case (project), I don't have an SSO system to access. In fact, I was thinking to build a miniature SSO system into J2 (holding credentials in a DB).... But if SSO systems are extremely common (and free :>), maybe this is overkill and I should just find myself an SSO system to use (instead of maintaining passwords in a J2 db). Then, the service layer I am suggesting would just be a JAAS provider into the SSO system. -----Original Message----- From: Serge Huber [mailto:[EMAIL PROTECTED] Sent: Friday, August 06, 2004 7:43 AM To: Jetspeed Developers List Subject: Re: Jetspeed2 and Single Sign On JAAS is also a way that a lot of people implement SSO. JAAS providers can be developped to SSO systems, and then all is well :) And just as luck would have it J2 integrates with JAAS ! Regards, Serge Huber. At 20:50 05.08.2004, you wrote: >Hi Chris, > >My current project hooks into an existing based SSO solution. I wrote a >custom valve that checks for the SSO cookie and forwards on to the SSO >login server if it is not found. The SSO server sends me back J2 if >authentication passed. Just to give you an idea of how you can possibly >tackle SSO. > >Chris Delgado wrote: > >>Is anyone currently working on an SSO mechanism for J2? Something that >>holds passwords >> >>to other backend systems so that portlets could access them without >>requiring the user >> >>to re-authenticate? What I had in mind was something similar to IBM's >>"credential vault". >> >> >>I have requirements for a portal that I'd like to propose using J2; but SSO >>is a must and we'd >> >>be accessing many backend systems. >> >> >>If nobody's tackling this, is this something I could help contribute to the >>J2 project? Thanks. >> >> >>Chris Delgado >> >>1703 Durley Down Court >> >>Smyrna GA 30082 USA >> >>[EMAIL PROTECTED] >> >>(404) 931-2557 >> >> >> >> > > >-- >****************************************** >* Scott T. Weaver * >* <[EMAIL PROTECTED]> * >* <http://www.einnovation.com> * >* -------------------------------------- * >* Apache Jetspeed Enterprise Portal * >* Apache Pluto Portlet Container * >* * >* OpenEditPro, Website Content Mangement * >* <http://www.openeditpro.com> * >****************************************** > > >--------------------------------------------------------------------- >To unsubscribe, e-mail: [EMAIL PROTECTED] >For additional commands, e-mail: [EMAIL PROTECTED] - -- --- -----=[ shuber2 at jahia dot com ]=---- --- -- - www.jahia.org : A collaborative source CMS and Portal Server --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
