[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12356809 ] Joshua Jackson commented on JBSEAM-1032: ---------------------------------------- If I move my Seam apps to other App server other than JBoss, will JBoss SSO still work? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12362066 ] Arthur Troyer commented on JBSEAM-1032: --------------------------------------- As I see it. If the user has already been authenticated via an SSOSession, you do not need to call the loginContext.login() method. This addresses the problem of crossing systems/domains that may have different passwords. The assumption is that if the user has been authenticated by one of the trusted applications, he does not need to be authenticated again. You would just have to create the subject and populate it with the principle. This leaves the issue of Authorization. If the JAAS login is supplying the roles, and you are not doing the login, these roles would not be present. One possible solution to this is to provide access to the principle and subject, in a protected (instead of private) way. Instead of calling the loginContext.login() routine, you would call a routine named "SSOProvideRoles". This routine would read the LDAP to get the roles. As an added feature, since you have made the principle and subject variables protected, a developer could extend the method and override this "SSOProvideRoles" method and populate the subject with the roles in whatever manner he desires. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12362212 ] Arthur Troyer commented on JBSEAM-1032: --------------------------------------- The Logout method on the Identity module will need to check for the existence of an SSOSession and ivalidate it. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12362402 ] Shane Bryzak commented on JBSEAM-1032: -------------------------------------- Walt, I'm going to be working with Anil Saldhana from the JBoss Security team next week to look at how we can best integrate Seam Security with both JBoss-SSO and JBoss Security. My hope is that we will come up with a solution that is simple to configure and to use. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=all ] Shane Bryzak updated JBSEAM-1032: --------------------------------- Fix Version/s: 2.0.0.GA -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12378259 ] Shane Bryzak commented on JBSEAM-1032: -------------------------------------- A lot of people have been asking about this lately, so it would be nice to get it into 2.0.0. I've spent the last couple of days playing with JBossSSO and I'm hoping it shouldn't be a big problem to integrate it. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12378389 ] Walter Barrow commented on JBSEAM-1032: --------------------------------------- Where can I find out when version 2.0.1.GA is planned to be released? We are anxiously awaiting this capability. Walt Barrow L-3 Communications Air Force Satellite Control Network Project -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=all ] Shane Bryzak updated JBSEAM-1032: --------------------------------- Fix Version/s: (was: 2.0.1.GA) Slipping until JBSSO-36 is fixed. -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=all ] Shane Bryzak updated JBSEAM-1032: --------------------------------- Fix Version/s: 2.1.0.GA -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12399960 ] Kenneth Christensen commented on JBSEAM-1032: --------------------------------------------- What about OpenSSO (https://opensso.dev.java.net/) integration - any plans? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=comments#action_12401431 ] Rich Nill commented on JBSEAM-1032: ----------------------------------- I wanted to understand if this feature request will handle the issue identified in: http://www.jboss.com/index.html?module=bb&op=viewtopic&t=119389 Specifically, most web containers/app servers support third party authentication proxies that will provide a user principal to the web container. For example, we use WebSphere Application Server and it supports the major authentication proxies (Oracle Access Manager (formerly Oblix), CA's Netegrity SiteMinder, IBM's TAM, etc.). In this case, login occurs at the authentication proxy and the identity is passed to the web container. Applications can use request.getUserPrincipal() and isUserInRole(), etc. I would think that there would be support built into Seam to simply leverage the principal that is supplied (essentially delegating authentication to another provider). By enabling this, you would automatically support a bunch of application servers and authentication proxies. I was hoping this is the approach that will be taken. Any thoughts? -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ http://jira.jboss.com/jira/browse/JBSEAM-1032?page=all ] Pete Muir updated JBSEAM-1032: ------------------------------ Fix Version/s: 2.1.0.BETA2 (was: 2.1.0.GA) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ https://jira.jboss.org/jira/browse/JBSEAM-1032?page=com.atlassian.jira.pl... ] Pete Muir updated JBSEAM-1032: ------------------------------ Priority: Blocker (was: Major) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ https://jira.jboss.org/jira/browse/JBSEAM-1032?page=com.atlassian.jira.pl... ] Norman Richards updated JBSEAM-1032: ------------------------------------ Fix Version/s: The future (was: 2.1.2.CR1) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira

[ https://jira.jboss.org/jira/browse/JBSEAM-1032?page=com.atlassian.jira.pl... ] Pete Muir updated JBSEAM-1032: ------------------------------ Assignee: (was: Norman Richards) -- This message is automatically generated by JIRA. - If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa - For more information on JIRA, see: http://www.atlassian.com/software/jira