[jboss-jira] [JBoss JIRA] Resolved: (JBAS-4804) GenericHeaderAuthenticator injection of ssoid, sessioncookie name
Stefan Guilhen (JIRA)
jira-events at lists.jboss.org
Thu Oct 25 14:46:01 EDT 2007
[ http://jira.jboss.com/jira/browse/JBAS-4804?page=all ]
Stefan Guilhen resolved JBAS-4804.
----------------------------------
Fix Version/s: JBossAS-5.0.0.Beta3
Resolution: Rejected
The ssoid and session cookie name can now be injected by the httpHeaderForSSOAuth and sessionCookieForSSOAuth attributes of GenericHeaderAuthenticator. A web application can now perform the whole generic header auth configuration on it's own WEB-INF/context.xml file. No changes to the container config files are needed.
This is how the WEB-INF/context.xml should look like now when using the GenericHeaderAuthenticator:
<Context>
<Valve className="org.jboss.web.tomcat.security.GenericHeaderAuthenticator" httpHeaderForSSOAuth="sm_ssoid,ct-remote-user,HTTP_OBLIX_UID"
sessionCookieForSSOAuth="SMSESSION,CTSESSION,ObSSOCookie"/>
</Context>
A test case named GenericHeaderAuthUnitTestCase has been developed to test this behaviour. The wiki has also been updated.
> GenericHeaderAuthenticator injection of ssoid, sessioncookie name
> -----------------------------------------------------------------
>
> Key: JBAS-4804
> URL: http://jira.jboss.com/jira/browse/JBAS-4804
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Web (Tomcat) service
> Affects Versions: JBossAS-4.2.1.GA
> Reporter: Anil Saldhana
> Assigned To: Stefan Guilhen
> Fix For: JBossAS-5.0.0.Beta3, JBossAS-4.2.3.GA
>
>
> http://wiki.jboss.org/wiki/Wiki.jsp?page=GenericHeaderBasedAuthentication
> Currently the two inputs - HttpHeaderForSSOAuth and SessionCookieForSSOAuth are read from the tomcat service (via JMX). We need to support the easier way of injecting these via WEB-INF/context.xml. This should be in addition.
> Create a test case called as GenericHeaderAuthenticationUnitTestCase (that is separate from the other earlier test case). This new test case should use a web application that has context.xml in the WEB-INF. The test case should not require a special server configuration (like the other test case).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list