geronimo-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Mulder" <ammul...@alumni.princeton.edu>
Subject Re: Geronimo Web Interceptors, WebSSO with Authentication Proxy
Date Thu, 23 Feb 2006 13:57:30 GMT
I'd like to be able to plug third-party authentication providers like
this into Geronimo.  It's possible we can do it with a custom security
login module.  How much do you know about the WebSEAL API?  If there
was some remote call we could make, for example, to supply a username
and password and get back whether it was valid and a list of groups,
that would be pretty easy to integrate.  But I haven't heard of
WebSEAL before, so I'm not even sure if it operates on usernames and
passwords at all.

Thanks,
    Aaron

On 23 Feb 2006 10:26:32 +0100, sepima@poczta.fm <sepima@poczta.fm> wrote:
> Hi All,
>
> I am looking for information about Geronimo%u2019s Web Container Interceptors. It is
preferred for me to use Jetty but Tomcat is good as well.
> I plan to integrate Geronimo with Authentication Proxy like WebSEAL from TAM. If you
look at WAS concept, there is TAI mechanism which integrates Authentication Proxy with Application
Server. Does Geronimo have something like TAI from WAS?
>
> I thing it will be good to add my own interceptor or change the standard SecurityContextBeforeAfter
one. Maybe, it will be enough to use my own Authenticator. What do you thing about it?
>
> Ps
> I tried to use Tomcat SSO (ValveGBean) but it does not work.
>
> This is part of plan file:
>     <gbean name="SecondValve" class="org.apache.geronimo.tomcat.ValveGBean">
>         <attribute name="className">my.own.SSOClass</attribute>
>     </gbean>
>
> Tomcat calls this SSOClass but it is before Geronimo loads Security Policy and when I
add Credential to the request, it throws NullPointerException.
> If someone is using this Tomcat SSO mechanism, any advices will be helpful for me.
>
>
> Environment:
> Linux RedHat 4 update 2
> IBM JDK 1.4.8
> Geronimo 1.0
> Tivoli Access Manager 6
> Tivoli Directory Server 6
>
> best regards,
> sebo
>
>
> ------------------------------------------------------------------
> Jestes poszukiwana. Szuka Cie wysoki brunet!
> >> http://link.interia.pl/f190c <<
>
>

Mime
View raw message