Ok, I'll have to admit my ignorance here, but how do I get a handle on the Jetspeed Security API? In particular, how do I get to the LoginModuleProxy?
Thanks, Linus -----Message d'origine----- De : Ate Douma [mailto:a...@douma.nu] Envoyé : Tuesday, September 29, 2009 12:49 PM À : Jetspeed Users List Objet : Re: external web service authenticate against jetspeed Linus Kamb wrote: > I don't know if this is a stupid question, but is it possible to have an > external web service authenticate somehow using jetspeed's authentication > mechanisms? I have data services and I would like them to only return data > for valid jetspeed users. We don't have such a solution in place right now, but it should be possible to write one without too much trouble if you want. The Jetspeed Security API allows you to programmatically perform such authentication if you want. You could easily write a dedicated rest like "service" servlet or filter doing so and invoke it from your data services, either remotely or as a (cross-context) include if your data-services run on the same app server. (if you do, we might be interested in supporting/integrating this directly in Jetspeed as well, just let us know) Alternatively, I'm currently in the process of writing a generic SAML2 SP component for Jetspeed which should become available pretty soon. If your data services also can authenticate against a SAML2 IDP you could setup a SAML2 SSO solution without having to rely on Jetspeed authentication itself. Regards, Ate > > > > Thanks, > > Linus > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-user-unsubscr...@portals.apache.org For additional commands, e-mail: jetspeed-user-h...@portals.apache.org --------------------------------------------------------------------- To unsubscribe, e-mail: jetspeed-user-unsubscr...@portals.apache.org For additional commands, e-mail: jetspeed-user-h...@portals.apache.org
