[jboss-user] [Security & JAAS/JBoss] - Jboss SSO Web Application

[nipunbatra]

Hi 

Thanks for all your help

I am configuring my web application 

1) What I would like to know is why I have to setup the JAAS module

I have written my own LoginProvider and I am authenticating user, also the roles changes quite frequently. As The Loginprovider getRoles method solves my purpose and i can fetch roles from Database or LDAP.

2) In the context.xml of my web application 
When I define the URL of my Logout page, Do I have to do anything specific in that page?

3) In the context.xml when I define 
assertingParty="{uniqueId to identify this web application in the federation}"

Where exactly this unique id will be used?    Is it something usind by apllication intenally 

4) Is there any agent code whcih I can use in my web application whcih tells me if user is logged in or not ? I maen how can I find out if this user has already logged on some other web application 

5) What exactly is this 
application-policy name="{your web application identifier}"

What we have to define here.

Thanks again for your help
Nipun

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3982500#3982500

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3982500