Raj M wrote:
Greetings,
First, I am working of the 2.1-dev trunk. I am looking for ideas or
pointers to
where I should look for a 'stackable' authentication mechanism. Basically,
we have different authentication domains accessing the 'portal', One
authentication domain has a 'cookie' based authentication. Essentially
it, the browser sends a 'externally' authenticated token as a Cookie
value. And i have java libraries to extract the principal/subject id and
verify the authentication. How can I integrate this with j2 security
architecture?
Yes. The first level of integration is at the SecurityValve. Recommend
writing a custom SecurityValve.
Take a look at getting the Subject required by Jetspeed created in your
SecurityValve. This may be enough integration for your requirements.
More deep integration involves writing custom Jetspeed security components.
Second, question to support multiple authentication mechanisms, can the
LoginPortlet be 'enhanced' to suport 'PAM' like architecture to support
multiple 'entry' points?
We have a jaas login module that comes as the default
http://portals.apache.org/jetspeed-2/multiproject/jetspeed-security/login-module.html
Of course you can use your own login module
Additionally, i have integrated with federated solutions like Athens
Eduserv, Cams. Im still trying to authenticate with Shibboleth, but the
configuration is killer. Once i have a sample sp/idp running here,
integration should go quickly
Third, is the security prinicpal/roles/groups available as programattic
API to do 'auto-register' type functions (like the cookie case above?).
Yes. Its all there.
See the security documentation
http://portals.apache.org/jetspeed-2/guides/guide-security.html
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
