[jboss-jira] [JBoss JIRA] Commented: (JBAS-1900) Clustered webapp shouldn't require ClusteredSingleSignOn
Brian Stansberry (JIRA)
jira-events at lists.jboss.org
Tue Apr 17 16:45:30 EDT 2007
[ http://jira.jboss.com/jira/browse/JBAS-1900?page=comments#action_12359616 ]
Brian Stansberry commented on JBAS-1900:
----------------------------------------
I haven't tested this, so buyer beware. The request notes that using ClusteredSSO is not an option due to different sets of users for different webapps. Set the "requireReauthentication" attribute in the ClusteredSingleSignOnValve to "true". Each request will then be reauthenticated by the security layer, which should prevent users from one set accessing resources meant for another set.
I'd added the above as a Workaround, but apparently workarounds aren't shown if an issue is listed as a Feature Request.
> Clustered webapp shouldn't require ClusteredSingleSignOn
> --------------------------------------------------------
>
> Key: JBAS-1900
> URL: http://jira.jboss.com/jira/browse/JBAS-1900
> Project: JBoss Application Server
> Issue Type: Feature Request
> Security Level: Public(Everyone can see)
> Components: Security, Clustering
> Affects Versions: JBossAS-4.0.2 Final
> Reporter: Stan Silvert
> Priority: Minor
> Fix For: JBossAS-5.0.0.CR1, JBossAS-4.2.1.CR1
>
>
> A customer had three webapps. The set of users for each webapp is different. So, they don't want single signon behavior. They do want HttpSessionReplication to take care of the credentials so that the user doesn't need to sign on when redirected to another server. It was found that we needed to enable clustered single signon to get this to work.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: http://jira.jboss.com/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the jboss-jira
mailing list