[
http://jira.jboss.com/jira/browse/JBAS-4804?page=all ]
Stefan Guilhen resolved JBAS-4804.
----------------------------------
Fix Version/s: JBossAS-5.0.0.Beta3
Resolution: Rejected
The ssoid and session cookie name can now be injected by the httpHeaderForSSOAuth and
sessionCookieForSSOAuth attributes of GenericHeaderAuthenticator. A web application can
now perform the whole generic header auth configuration on it's own
WEB-INF/context.xml file. No changes to the container config files are needed.
This is how the WEB-INF/context.xml should look like now when using the
GenericHeaderAuthenticator:
<Context>
<Valve className="org.jboss.web.tomcat.security.GenericHeaderAuthenticator"
httpHeaderForSSOAuth="sm_ssoid,ct-remote-user,HTTP_OBLIX_UID"
sessionCookieForSSOAuth="SMSESSION,CTSESSION,ObSSOCookie"/>
</Context>
A test case named GenericHeaderAuthUnitTestCase has been developed to test this behaviour.
The wiki has also been updated.
GenericHeaderAuthenticator injection of ssoid, sessioncookie name
-----------------------------------------------------------------
Key: JBAS-4804
URL:
http://jira.jboss.com/jira/browse/JBAS-4804
Project: JBoss Application Server
Issue Type: Feature Request
Security Level: Public(Everyone can see)
Components: Web (Tomcat) service
Affects Versions: JBossAS-4.2.1.GA
Reporter: Anil Saldhana
Assigned To: Stefan Guilhen
Fix For: JBossAS-5.0.0.Beta3, JBossAS-4.2.3.GA
http://wiki.jboss.org/wiki/Wiki.jsp?page=GenericHeaderBasedAuthentication
Currently the two inputs - HttpHeaderForSSOAuth and SessionCookieForSSOAuth are read from
the tomcat service (via JMX). We need to support the easier way of injecting these via
WEB-INF/context.xml. This should be in addition.
Create a test case called as GenericHeaderAuthenticationUnitTestCase (that is separate
from the other earlier test case). This new test case should use a web application that
has context.xml in the WEB-INF. The test case should not require a special server
configuration (like the other test case).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
http://www.atlassian.com/software/jira