[jboss-jira] [JBoss JIRA] Commented: (JBAS-2283) Custom header based authentication
Anil Saldhana (JIRA)
jira-events at jboss.com
Tue Oct 31 16:44:41 EST 2006
[ http://jira.jboss.com/jira/browse/JBAS-2283?page=comments#action_12346040 ]
Anil Saldhana commented on JBAS-2283:
-------------------------------------
http://wiki.jboss.org/wiki/Wiki.jsp?page=GenericHeaderBasedAuthentication
> Custom header based authentication
> ----------------------------------
>
> Key: JBAS-2283
> URL: http://jira.jboss.com/jira/browse/JBAS-2283
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Security, Web (Tomcat) service
> Reporter: Scott M Stark
> Assigned To: Anil Saldhana
> Fix For: JBossAS-4.0.5.GA, JBossAS-5.0.0.CR1
>
> Attachments: B19006.pdf, B19008v2.pdf, B19013.pdf
>
>
> We have been getting requests for custom authentication methods based around prorpietary headers/logic. The following attachments describe the oracle COREid product.
> B19006.pdf - high level overview of how the product works
> B19008v2.pdf - details of authentication protocol (p. 85 - 92)
> B19013.pdf - documentation about API
> Likely the most important part is assuming a user is who the HTTP_OBLIX_UID header says they are. The COREid server and the firewall should protect the server from unauthorized access.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list