portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Roger Ruttimann (JIRA)" <jetspeed-...@portals.apache.org>
Subject [jira] Closed: (JS2-173) hook in SSO to login / logout life cycle
Date Tue, 06 Dec 2005 18:50:09 GMT
     [ http://issues.apache.org/jira/browse/JS2-173?page=all ]
Roger Ruttimann closed JS2-173:

    Resolution: Fixed

Creating cookies in the LoginModule for any SSO is feasible but cookies can't be directly
injected (in pipeline) into an ongoing request.
Instead I introduced the SSOProxyPortlet that does the same functionality. The SSOProxyPortlet
authenticates any SSO for the given principal before it redirects the request to the final
destination. If the page has any links to SSO protected sites the user won't be prompted since
it has already been authenticated.

Another advantage of this approach is that the SSO component is not bound to the portal infrastructure
(LoginModule / pipeline) and therefore allows easier integration into other SSO frameworks
like JOSSO.


> hook in SSO to login / logout life cycle
> ----------------------------------------
>          Key: JS2-173
>          URL: http://issues.apache.org/jira/browse/JS2-173
>      Project: Jetspeed 2
>         Type: New Feature
>   Components: SSO
>     Versions: 2.0-FINAL
>     Reporter: David Sean Taylor
>     Assignee: Roger Ruttimann
>      Fix For: 2.0-FINAL

> * hook in SSO component to login / logout life cycle providing an entry point for managing
tickets and cookies. 
> * add 2 apis to the SSO component (login, logout)
> * inject SSO component into LoginModuleProxy
> * inject RequestContext into SSO component (for cookies)

This message is automatically generated by JIRA.
If you think it was sent incorrectly contact one of the administrators:
For more information on JIRA, see:

To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

View raw message