[jboss-user] [Security & JAAS/JBoss] - Using valves to perform custom login based on http cookie
acorrea10
do-not-reply at jboss.com
Tue Oct 16 23:49:06 EDT 2007
Gurus,
I have a JAAS login module that authenticates a user based on an http cookie (we could say it asserts a previously authenticated user).
My J2EE apps uses container-managed security with form-based authentication.
As far as I understand, valves works pretty much like servlet filters, with the exception that they can intercept requests for container-protected resources.
So I am guessing if its possible to use a valve to intercept a request, perform login based on a cookie and then let the request flow so the user is not asked for his username/password credentials.
Yes, we can say this a form to achieve SSO.
Any other approaches?
Many thanks,
Andre.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4095872#4095872
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4095872
More information about the jboss-user
mailing list