On Aug 6, 2004, at 7:11 AM, Chris Delgado wrote:
Thanks for the feedback.
Since J2 integrates with JAAS, would it make sense to have J2 create
a JAAS subject for a logged-in user, then store this as a PortletSession
attribute?
See the SecurityValve for details on how we are currently getting subjects
Then, the portlet could access the JAAS subject to extract
principals and credentials from the Subject. With the obtained credential,
the portlet could then connect via URL using "HTTP basic" authentication
(among other possibilities).
One more thing: My initial thought was to create DB schema to hold
credentials, then build a service layer for portlets to access. This is
because in my case (project), I don't have an SSO system to access. In
fact, I was thinking to build a miniature SSO system into J2 (holding
credentials in a DB)....
But if SSO systems are extremely common (and free :>), maybe this is overkill and I should just find myself an SSO system to use (instead of maintaining passwords in a J2 db). Then, the service layer I am suggesting would just be a JAAS provider into the SSO system.
-----Original Message----- From: Serge Huber [mailto:[EMAIL PROTECTED] Sent: Friday, August 06, 2004 7:43 AM To: Jetspeed Developers List Subject: Re: Jetspeed2 and Single Sign On
JAAS is also a way that a lot of people implement SSO. JAAS providers can
be developped to SSO systems, and then all is well :) And just as luck
would have it J2 integrates with JAAS !
Regards, Serge Huber.
At 20:50 05.08.2004, you wrote:SSOHi Chris,
My current project hooks into an existing based SSO solution. I wrote a
custom valve that checks for the SSO cookie and forwards on to the SSO
login server if it is not found. The SSO server sends me back J2 if
authentication passed. Just to give you an idea of how you can possibly
tackle SSO.
Chris Delgado wrote:
Is anyone currently working on an SSO mechanism for J2? Something that
holds passwords
to other backend systems so that portlets could access them without requiring the user
to re-authenticate? What I had in mind was something similar to IBM's "credential vault".
I have requirements for a portal that I'd like to propose using J2; buttheis a must and we'd
be accessing many backend systems.
If nobody's tackling this, is this something I could help contribute toJ2 project? Thanks.
Chris Delgado
1703 Durley Down Court
Smyrna GA 30082 USA
[EMAIL PROTECTED]
(404) 931-2557
-- ****************************************** * Scott T. Weaver * * <[EMAIL PROTECTED]> * * <http://www.einnovation.com> * * -------------------------------------- * * Apache Jetspeed Enterprise Portal * * Apache Pluto Portlet Container * * * * OpenEditPro, Website Content Mangement * * <http://www.openeditpro.com> * ******************************************
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
- -- --- -----=[ shuber2 at jahia dot com ]=---- --- -- - www.jahia.org : A collaborative source CMS and Portal Server
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
-- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
