jackrabbit-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "dan" <danz8...@hotmail.com>
Subject RE: JAAS access and authentication
Date Tue, 22 Aug 2006 14:11:11 GMT
Hi Tobias & other Gurus,

I also have a question related to using the JAAS modules in Jackrabbit. 
The jackrabbit website described briefly the JAAS components' usage and
points out that they can be customized. Since I haven't used JAAS before,
some key points are quite puzzling for me.

Would greatly appreciate any advice/example on the questions below: 

Scenario: use Jackrabbit with WebSphere portal apps. Users always logon to
the WAS portal server first (through LDAP and LTPA token).

Question 1: should I implement my own login module to retrieve the user
credential from the WebSphere server's user management module? 
Question 2: has anyone done this type of work before? I'm especially feeling
puzzled about how JAAS compatible user credentials can the retrieved from
WebSphere web/EJB containers.
Question 3: I'd like my application's Access Control module to be the only
entity to have full access to the JCR repository, and all the users (and
other code bases) would have to be authorized by the AC module, using a
configurable access control list (stored either in repository or RDBMS). 
Is this something possible/practical? Could anyone provide some example or
comment on what is the better way and how to implement? 

Thanks,
Dan



> -----Original Message-----
> From: R. Ben Truitt [mailto:btruitt@rackspace.com]
> Sent: August 20, 2006 9:47 PM
> To: users@jackrabbit.apache.org
> Subject: Re: JAAS access and authentication
> 
> Toby,
>   Thanks for getting back to me on this.  Is there any more detail you 
> can provide about how to go about making use of JAAS with Jackrabbit?
> 
> Thanks,
> Ben
> 
> On Aug 20, 2006, at 1:52 PM, Tobias Bocanegra wrote:
> 
> >>   Does JackRabbit support JAAS for access control and 
> >> authentication? It is unclear from the website whether this is 
> >> currently supported.
> > yes, the authentication is done via jaas. you can provide your own 
> > login module, if you wish.
> >
> >>   If yes, can you please provide an example?  I am not incredibly 
> >> familiar with JAAS, so sorry if this is a dumb question.
> > this depends highly on your requirements and the 'host' application 
> > (e.g. appserver you are running jackrabbit in).
> >
> > regards, toby
> > --
> > -----------------------------------------< tobias.bocanegra@day.com
> > >---
> > Tobias Bocanegra, Day Management AG, Barfuesserplatz 6, CH - 4001 
> > Basel T +41 61 226 98 98, F +41 61 226 98 97 
> > -----------------------------------------------< http://www.day.com
> > >---
> 
> R. Ben Truitt
> Software Engineer
> Rackspace Managed Hosting
> 210.447.4542
> 




Mime
View raw message