Yes, this should be possible. Acegi integrates with SSO solutions like Siteminder and CAS. They basically log the user in and then set a token that Acegi reads. I've never done customization of these modules or added my own SSO solution, but Acegi is designed to make this possible.
Matt On Mon, Apr 21, 2008 at 7:41 AM, <[EMAIL PROTECTED]> wrote: > Hi, > > I'm trying to figure out how to fit my AppFuse app into my organisation's > existing security infrastructure. > > My web application server is behind a reverse proxy (Novell Ichain), which > handles authentication (against a Novell LDAP directory) and caches static > content to take some load off the backing web server. > > To enable access to my application, I have to ask the Novell administrators > to map an external base URL (e.g. http://www.myorg.com/webapp) to the > internal address which is the actual home of this app (e.g. > http://192.168.1.128:8080/webapp). With some additional configuration it is > possible to force visitors to log on when attempting to access anything > starting with the external URL. > > If a visitor has logged on successfully, the reverse proxy puts a couple of > extra HTTP headers into the forwarded request. These headers hold the > visitor's credentials, for example X-App_user and X-App_role. > > In my previous webapps I would use my own servlet filter to retrieve the > credentials from the request headers. Using AppFuse (2.0.1), I'd prefer to > configure Acegi to use the rev proxy supplied credentials. Is it possible to > do this, preferably keeping AppFuse embedded? > > Thanks, > > Ger-Jan > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]