[jboss-dev] pluggable auth-method
Bill Burke
bburke at redhat.com
Wed Jul 14 10:53:38 EDT 2010
Just guessing,
Isn't the login module responsible for the actual authentication and
authorization? Tomcat authenticator is just responsible for extracting
header info?
Sergey Beryozkin wrote:
> Hi
>
>> You can achieve by writing a tomcat authenticator and putting it in
>> WEB-INF/context.xml (JBAS) or META-INF/context.xml (tomcat).
>>
>> The auth-name is a string defined in the servlet spec.
>>
>
> thanks for the tip.
>
> What is the difference between writing a custom Tomcat authenticator and a custom LoginModule, example,
> org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule ?
>
> My understanding is that having custom login modules :
> - makes it easy to stack together different modules, as shown for ex at [1]
> - but requires the explicit loading of (JBoss Security) AuthenticationManager (at least when services are POJOs)
>
> cheers, Sergey
>
> [1] http://community.jboss.org/wiki/SAMLEJBIntegrationwithPicketLinkSTS
>
>
>> On 07/13/2010 11:35 AM, Bill Burke wrote:
>>> Remy, Anil,
>>>
>>> (I'm cc'ing jboss-dev for archive purposes)
>>>
>>> Sergey , a new web services/resteasy hire, has done some great work
>>> around OAuth lately. I'm interested in taking his stuff to the next
>>> level and make it consumable in a way JBoss AS users are used to
>>> configuring security.
>>>
>>> Specifically, I'm interested in defining a OAuth
>>> login-config/auth-method within web.xml i.e.
>>>
>>> <login-config>
>>> <auth-name>OAuth</auth-name>
>>> <realm-name>...</realm-name>
>>> </login-config>
>>>
>>> This would be an initial step, eventually I'd like to be able to
>>> configure a web app to support multiple authentication mechanisms,
>> so
>>> that one URL could support both OAuth and traditional clients.
>>>
>>> Is JSR 196 the way to do this? Do we support in AS6? Is there doco
>>> someplace? (I couldn't find with a search).
>>>
>>> Thanks,
>>>
>>> Bill
--
Bill Burke
JBoss, a division of Red Hat
http://bill.burkecentral.com
More information about the jboss-development
mailing list