[jboss-dev-forums] [JBoss ESB Development] - Re: SAML Token Support
jeff.yuchang
do-not-reply at jboss.com
Wed Oct 21 00:02:34 EDT 2009
Maybe let us discuss by use case here. (sorry if these two use cases are obvious). ;-)
we have two scenarios here:
1. client didn't have a saml token, it just has username&password, and it tries to use our SAML Login Module to do the authentication. In this case, our LoingModuleImpl should have two steps.
1). Use the username&password to issue a token.
2). Validate this token and propagate this token if necessary.
2. client had an existing saml token. It expects ESB to do the authentication based on this token. Our LoginModuleImpl just need one step.
1) Validate this token and propagate this token if necessary.
Based on above analysis, I thought the LoginModule should be only doing one thing, and also issue a token should not belong to the LoginModuleImpl. (it should be happened before talk to JAAS authentication, just like you should have username&password, and then try to talk to JAAS).
So I prefer to have an action and a LoginModule instead of having just one LoginModule.
Sorry if I misunderstood something here. ;-)
Regards
Jeff
View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4261385#4261385
Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4261385
More information about the jboss-dev-forums
mailing list