[jboss-user] [Security & JAAS/JBoss] - Authentication-strength to secure resources?
falke2006
do-not-reply at jboss.com
Wed Aug 23 10:35:20 EDT 2006
Hello,
I have been searching information about the possibility to use the information about the authentication method a client has used to authenticate against the server... to use this information for a decision about the redirect to e.g. a Portlet Page.
Example:
There is a Portlet instance within a Portal Page that is accessed by the user that requires at least a client-certificate. But when the user has been challenged for authentication before, he was logged in using form-based authentication.
Now the user should be challenged again, due to the fact of his low authentication strength.
===
Is there any possibility to set (and read at runtime) a required auth-strength for Portal resources? I could not find such a thing in the documentation but I know that it exists e.g. in the Apache WebServer.
Furthermore, is there maybe an extension to handle the described scenario?
Many thanks for any contribution!!
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3966982#3966982
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3966982
More information about the jboss-user
mailing list