[jboss-dev-forums] [Design of JBoss/Tomcat Integration] - Generate SSOID in WebAuthentication
sguilhen@redhat.com
do-not-reply at jboss.com
Thu Oct 11 18:52:11 EDT 2007
As stated on issue http://jira.jboss.com/jira/browse/JBAS-4424, the org.jboss.web.tomcat.security.login.WebAuthentication class should be capable of generating a ssoid and setting it on the session when the user has configured the SingleSignOn valve.
The idea is to get a reference to the SingleSignOn valve and invoke its methods to associate the authenticated Principal to the ssoid, just like the AuthenticatorBase does. However, the methods that we need to call are protected (register, associate, update, etc), so we can't simply delegate the SSO functionality to the SingleSignOn valve unless we relax the method's access to public in JBossWeb. Can we do that?
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4094309#4094309
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4094309
More information about the jboss-dev-forums
mailing list