I'm not sure I understand what you want.  If you don't redirect the 
browser to the Auth Server, the Auth Server will not set up the 
appropriate cookies with the browser and browser SSO will not work. 
You'd have to use a bearer token for everything in that case.


On 6/26/2013 5:46 PM, Doug Schnelzer wrote:
> We're planning to move to Skeleton Key for SSO support for a bunch of
> web apps hosted on JBoss EAP 6.  We'd like to come up with an approach
> that allows protected web apps to include a username and password field
> on an unprotected page from the protected web app (this page would be
> unprotected) and transparently handle the SSO handshake from
> the OAuthManagedResourceValve to the AuthServer and back.  We were
> looking at a JavaScript function to facilitate this but haven't come up
> with a solid way to handle Cross Site Scripting that would be a part of
> this approach.
>
> I see in the docs that we can programmatically get an access token that
> will work with the BearerTokenAuthenticatorValve for accessing REST
> resources.
>
> ResteasyClient client = new ResteasyClientBuilder()
>                                  .truststore(truststore)
>                                  .build();
>
>      Form form = new Form().param("grant_type", "client_credentials");
>      ResteasyWebTarget target = 
> client.target("https://localhost:8443/auth-server/j_oauth_token_grant";);
>      target.configuration().register(new 
> BasicAuthentication("bbu...@redhat.com", "password"));
>      AccessTokenResponse res = target.request()
>                             .post(Entity.form(form), 
> AccessTokenResponse.class);
>
>
> Does the Skeleton Key framework support a similar programatic approach
> for getting a token that we can use to login a user to a SSO protected
> application without the user having to see the auth server login page?
>   If so can you give us a few pointers to get started?
>
> Thanks, Doug
>
>
> ------------------------------------------------------------------------------
> This SF.net email is sponsored by Windows:
>
> Build for Windows Store.
>
> http://p.sf.net/sfu/windows-dev2dev
>
>
>
> _______________________________________________
> Resteasy-users mailing list
> Resteasy-users@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/resteasy-users
>

-- 
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com

------------------------------------------------------------------------------
This SF.net email is sponsored by Windows:

Build for Windows Store.

http://p.sf.net/sfu/windows-dev2dev
_______________________________________________
Resteasy-users mailing list
Resteasy-users@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/resteasy-users

Reply via email to