jackrabbit-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alexander Klimetschek (JIRA)" <j...@apache.org>
Subject [jira] Commented: (JCR-2355) Support easy pre-authenticated login
Date Thu, 15 Oct 2009 12:26:31 GMT

    [ https://issues.apache.org/jira/browse/JCR-2355?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12766042#action_12766042
] 

Alexander Klimetschek commented on JCR-2355:
--------------------------------------------

Ok, I thought it would be enabled by default. Hence I revert my -1 vote.

I would note that one should see this attribute like a password, that then must be set on
both the client code and the repository configuration.

> It should rather be easy to write a special login module that can be set by configuration
and handles SSO things and co.

As Felix pointed out to me, certain login mechanisms like openID, which involve multiple http
requests, cannot be easily done by a jackrabbit loginmodule.

> Support easy pre-authenticated login
> ------------------------------------
>
>                 Key: JCR-2355
>                 URL: https://issues.apache.org/jira/browse/JCR-2355
>             Project: Jackrabbit Content Repository
>          Issue Type: Improvement
>          Components: jackrabbit-core
>    Affects Versions: 2.0-alpha11
>            Reporter: Felix Meschberger
>             Fix For: 2.0-alpha12
>
>         Attachments: JCR-2355.patch
>
>
> Some applications authenticate users themselves and just need to access the repository
on behalf of these pre-authenticated users.
> Examples of such pre-authentications include SSO solutions or web applications using
a web-based authentication protocol not easily implementable in a JAAS LoginModule, for example
OpenID or similar.
> In such situations a password may not be provided in SimpleCredentials and thus regular
login with user name and password is not possible.
> Therefore I propose the enhancement of the AbstractLoginModule to allow for setting a
specific attribute in the SimpleCredentials attribute map. If this attribute is set, authentication
and login succeeds and a session for the user named in the SimpleCredentials is created.
> As a starter we might just check for the presence of the attribute.

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message