cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gina Choi <>
Subject Supporting Anonymous users in Fediz WS-Federation
Date Mon, 30 Jul 2012 13:44:40 GMT
Hi All,

We have an application which supports anonymous users in Single Sign On
Mode(We support both Internal and SSO mode). If SSO and "anonymous" user
are enabled, we don't redirect request to STS. "guest" user has "use App"
permission and it can access certain resource of the app without log on
application. We don't control our application resource using url path like
Fediz example did using "/secure/*".

Now we decided to use Fediz WS-Federation to replace our existing SSO
implementation. So far, everything else went well except, I couldn't figure
out how I am going to support anonymous users because of Fediz
Plugins(fediz-tomcat and fediz-core). No matter what, in SSO mode it always
pops up form authentication if user is not authenticate before. I am
looking for a solution that based on a flag(if anonymous user is enabled),
make form authentication do not pop up. I know that the way that we try to
do is kind of against SSO principle. Companies should create a guest user
in their Active Directory with limited access. If this case, guest user
still have guest credentials to sign on SSO.

Any suggestions and ideas would be appreciated.



  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message