Re: Faking SSO to wiki from java app

Tue, 24 Mar 2009 12:01:54 -0700 

Hi Louis--
The approach that would make the most sense would be to use your container's SSO cookie. Tomcat can do this, and I suspect JBoss can also. JSPWiki should be able to pick up the container cookie and credential and "know" that the user already logged in. 


From there, you will need to read the user's profile information. The  
JDBCUserDatabase should help you here -- it us quite flexible and  
should be able to be configured to match your existing user table.



I'd do this in reverse order first; get the JDBC user database working  
first, then move to the SSO cookie.


Andrew

On Mar 24, 2009, at 11:09, [email protected] wrote:


I have an existing Java app running in JBoss that uses a simple DB  
table
to do it's authentication.  I want to be able to click on a link in  
the

existing Java app and have our wiki popup, already logged in using the

Java app's user id.  I have already programmed the Java app to  
redirect to
the wiki, but I am at a lost as to where to start with the  
authentication.

My initial thoughts were to create a custom JSP which calls a custom

class which "fakes" the login and sets up the security info for the  
wiki.

However, after reading several of the JAAS and security docs, I think
there may be an easier way to do this.


In summary, I want my wiki to authenticate using my existing app's  
user

table.

Thanks,
Lou

JSPWiki 2.8.1
Windows
JBoss 4
Tomcat 5.5
JDK 1.5


~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
LOG-NET, Inc.
The Logistics Network Management System
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
230 Half Mile Road
Third Floor
Red Bank, NJ 07701
PH: 732-758-6800
FAX: 732-747-7497
http://www.LOG-NET.com
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
CONFIDENTIAL & PRIVILEGED

Unless otherwise indicated or if obvious from the nature of the  
content,

the information contained herein is privileged and confidential

information/work product. The communication is intended for the use  
of the
individual or entity named above.  If the reader of this  
transmission is

not the intended recipient, you are  hereby notified that any

dissemination, distribution or copying of this communication is  
strictly

prohibited.  If you have received this communication in error, please

notify the sender immediately by telephone (732-758-6800) or by  
electronic
mail ([email protected]), and destroy any copies, electronic,  
paper

or otherwise, which you may have of this communication.  Thank you.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~






















					Reply via email to