Hi,
I'm trying to figure out how to fit my AppFuse app into my
organisation's existing security infrastructure.
My web application server is behind a reverse proxy (Novell Ichain),
which handles authentication (against a Novell LDAP directory) and
caches static content to take some load off the backing web server.
To enable access to my application, I have to ask the Novell
administrators to map an external base URL (e.g.
http://www.myorg.com/webapp) to the internal address which is the
actual home of this app (e.g. http://192.168.1.128:8080/webapp). With
some additional configuration it is possible to force visitors to log
on when attempting to access anything starting with the external URL.
If a visitor has logged on successfully, the reverse proxy puts a
couple of extra HTTP headers into the forwarded request. These headers
hold the visitor's credentials, for example X-App_user and X-App_role.
In my previous webapps I would use my own servlet filter to retrieve
the credentials from the request headers. Using AppFuse (2.0.1), I'd
prefer to configure Acegi to use the rev proxy supplied credentials.
Is it possible to do this, preferably keeping AppFuse embedded?
Thanks,
Ger-Jan
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
