jspwiki-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Andrew Jaquith <andrew.r.jaqu...@gmail.com>
Subject Re: Faking SSO to wiki from java app
Date Tue, 24 Mar 2009 19:01:01 GMT
Hi Louis--

The approach that would make the most sense would be to use your  
container's SSO cookie. Tomcat can do this, and I suspect JBoss can  
also. JSPWiki should be able to pick up the container cookie and  
credential and "know" that the user already logged in.

 From there, you will need to read the user's profile information. The  
JDBCUserDatabase should help you here -- it us quite flexible and  
should be able to be configured to match your existing user table.

I'd do this in reverse order first; get the JDBC user database working  
first, then move to the SSO cookie.


On Mar 24, 2009, at 11:09, Louis.Masters@log-net.com wrote:

> I have an existing Java app running in JBoss that uses a simple DB  
> table
> to do it's authentication.  I want to be able to click on a link in  
> the
> existing Java app and have our wiki popup, already logged in using the
> Java app's user id.  I have already programmed the Java app to  
> redirect to
> the wiki, but I am at a lost as to where to start with the  
> authentication.
> My initial thoughts were to create a custom JSP which calls a custom
> class which "fakes" the login and sets up the security info for the  
> wiki.
> However, after reading several of the JAAS and security docs, I think
> there may be an easier way to do this.
> In summary, I want my wiki to authenticate using my existing app's  
> user
> table.
> Thanks,
> Lou
> JSPWiki 2.8.1
> Windows
> JBoss 4
> Tomcat 5.5
> JDK 1.5
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> LOG-NET, Inc.
> The Logistics Network Management System
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> 230 Half Mile Road
> Third Floor
> Red Bank, NJ 07701
> PH: 732-758-6800
> FAX: 732-747-7497
> http://www.LOG-NET.com
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
> Unless otherwise indicated or if obvious from the nature of the  
> content,
> the information contained herein is privileged and confidential
> information/work product. The communication is intended for the use  
> of the
> individual or entity named above.  If the reader of this  
> transmission is
> not the intended recipient, you are  hereby notified that any
> dissemination, distribution or copying of this communication is  
> strictly
> prohibited.  If you have received this communication in error, please
> notify the sender immediately by telephone (732-758-6800) or by  
> electronic
> mail (postmaster@LOG-NET.com), and destroy any copies, electronic,  
> paper
> or otherwise, which you may have of this communication.  Thank you.
> ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

View raw message