"anil.saldhana(a)jboss.com" wrote :
httpHeaderForSSOAuth="sm_ssoid,ct-remote-user,HTTP_OBLIX_UID"
| | sessionCookieForSSOAuth="SMSESSION,CTSESSION,ObSSOCookie"
|
| The first value is basically what oblix will be sending as the username in the http
header. The second one is what oblix will use as a session cookie. Do you have the header
names passed by oblix?
i dug up the source so it appears the comma delimited list is a multiple choice of
possible values the driver looks for.
from what i've gathered from the client, the Header is going to be XYZUSER. they are
not going to push the session_id (they say we should just trust the user_id published in
the Header).
i've configured my context.xml to have the valve in question. problem is, i tried to
request the main page using curl and pushing the Header with a value that maps to a user
in the app user table (we use the DatabaseServerLoginModule to handle mapping users and
roles) but it always sends me the login page.
what i was expecting (maybe erroneously) that the GenericHeaderAuthenticator would
intercept the request for the form and inject the user_id from the Header and then the
DatabaseServerLoginModule (configured with "useFirstPass") would recognize we
have a user_id and just map the roles.
my followup questions are:
1) if we are using an application policy in login-config.xml, does this negate the Valve
in the context.xml or do they not play nicely together, requiring me to create a JAAS
module and configure it in the login-config.xml?
2) if JAAS and the GenericHeader valve do not play nicely, can the GenericHeader be
configured as a login module in login-config.xml?
TIA
== stanton
View the original post :
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4213848#...
Reply to the post :
http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&a...