Hi Edmund.

I am sorry but I don't know much about SSO.

However I can tell you about JAAS in Tomcat. In 5 certainly there are
issues. Essentially when you call the LoginModule to invoke your JAAS config
it works but it does not authenticate the proper session Subject. What you
end up doing (Or what I did) was place a request filter in the app that
wraps the request with an overridden RequestWrapper and you write your own
inUserInRole against the Subject that the LoginModule returns (By placing it
in the session)

If you want some code, taken from Wendy Smoak and others I can provide.

-----Original Message-----
From: Edmund Urbani [mailto:[EMAIL PROTECTED] 
Sent: 16 August 2005 13:14
To: Tomcat Users List
Subject: howto configure JAAS+SSO


I'm trying to configure two webapps (slide and jetspeed2) for 
single-sign-on in the same tomcat instance. Both apps use JAAS and come 
with their own JAAS login modules. Is it possible to configure these 
(any?) two apps to share login info with JAAS. I started reading the 
JAAS docs recently and I tried putting the two login modules into one 
JAAS login context, but that does not seem to work, because the login 
module classes won't instantiate properly due to dependencies to their 
respective webapps.

Can SSO be achieved without having the apps share one login context?
Will I have to write my own login module(s)?
Should I use a (completely) different approach to get SSO?

Thanks for any help/advice.


To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to