[jboss-user] [Security & JAAS/JBoss] - Re: SSO in JBoss 4.0.5

sohil.shah@jboss.com do-not-reply at jboss.com
Thu Dec 21 23:33:20 EST 2006 

anonymous wrote : 
  | 1. What are the limitations of this jBoss Federated SSO framework. 
  | 

Currently, the integration point for the SSO Token Management functions is inside of Tomcat. Hence, currently Tomcat depedency is needed. JBoss ships with Tomcat out-of-the-box so, you should be ok on this.

anonymous wrote : 
  | 2. Does this support different apps in different domains. 
  | 

Yes, the framework was designed with cross-domain integration from the ground up

anonymous wrote : 
  | 3. Any support for XACML (1.0, 2.0). 
  | 

XACML is in the Authorization domain. SSO primarily is associated with the Authentication aspect of security.  As such XACL is out of scope for SSO. But integration is possible. 
Hence, if you have an Authorization framework based on XACML then, integration point for SSO would be to generate the Principal used by XACML to enforce Authorization decisions

anonymous wrote : 
  | 4. Can I get some reference implementations for federated SSO..other the one in the flash demo.
  | 

In its current form, the framework ships with the actual implementation of the two Seam apps that are featured in the flash demo.

It also has a test application that is used for testing scenarios during development

anonymous wrote : 
  | 5. Do we need a portal (customized or any product driven like Oracle portal, weblogic etc). 
  | 

No. portal or any custom thirdparty product is not a requirement. The only requirement at this point is Tomcat

anonymous wrote : 
  | We have 5 applications using different login mechanisms like JAAS, Database etc running in different servers including jBoss, Tomcat, web logic.
  | 
  | Can we use the beta Federated SSO beta for implementing SSO and SAML to support existing apps and also future apps.. 
  | 

Absolutely. Although I am not too familiar with WebLogic. As long as you run Tomcat you should be fine.

Also please refer here for more detailed documentation:

http://labs.jboss.com/portal/index.html?ctrl:cmd=render&ctrl:window=default.wiki.WikiPortletWindow&page=Jbosssso&language=EN

Thanks
Sohil
Project Lead, JBoss Federated SSO




View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3995774#3995774

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3995774

More information about the jboss-user mailing list