[jboss-user] [Security & JAAS/JBoss] - What does Federated SSO offer over the SSO Tomcat Valve?
john.bolger@gmail.com
do-not-reply at jboss.com
Tue May 12 14:27:42 EDT 2009
Hi,
My client has a requirement for SSO to be incorporated into an application we are developing for them.
Originally we decided to use the Federated SSO solution from JBoss. From looking at this further though, it seems that this might be unnecessary as we are not looking for cross domain authentication. Also, we are using one central datastore for authenticating users.
So instead, we are thinking of using the SSO valve provided by JBoss web:
org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn as our means of providing SSO.
Can anyone tell me what exactly extra Federated SSO adds?
And if there are any security implications of removing Federated SSO and relying on the valve?
Thanks for your help,
John
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4230589#4230589
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4230589
More information about the jboss-user
mailing list