Re: [jboss-dev] pluggable auth-method
Hi
You can achieve by writing a tomcat authenticator and putting it in
WEB-INF/context.xml (JBAS) or META-INF/context.xml (tomcat).
The auth-name is a string defined in the servlet spec.
thanks for the tip.
What is the difference between writing a custom Tomcat authenticator and a custom
LoginModule, example,
org.picketlink.identity.federation.bindings.jboss.auth.SAML2STSLoginModule ?
My understanding is that having custom login modules :
- makes it easy to stack together different modules, as shown for ex at [1]
- but requires the explicit loading of (JBoss Security) AuthenticationManager (at least
when services are POJOs)
cheers, Sergey
[1] http://community.jboss.org/wiki/SAMLEJBIntegrationwithPicketLinkSTS
On 07/13/2010 11:35 AM, Bill Burke wrote:
> Remy, Anil,
>
> (I'm cc'ing jboss-dev for archive purposes)
>
> Sergey , a new web services/resteasy hire, has done some great work
> around OAuth lately. I'm interested in taking his stuff to the next
> level and make it consumable in a way JBoss AS users are used to
> configuring security.
>
> Specifically, I'm interested in defining a OAuth
> login-config/auth-method within web.xml i.e.
>
> <login-config>
> <auth-name>OAuth</auth-name>
> <realm-name>...</realm-name>
> </login-config>
>
> This would be an initial step, eventually I'd like to be able to
> configure a web app to support multiple authentication mechanisms,
so
> that one URL could support both OAuth and traditional clients.
>
> Is JSR 196 the way to do this? Do we support in AS6? Is there doco
> someplace? (I couldn't find with a search).
>
> Thanks,
>
> Bill