tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From André Warnier ...@ice-sa.com>
Subject Re: Tomcat Form Authentication that requires no password for third party SSO
Date Thu, 27 Jan 2011 23:11:45 GMT
Hi.
I think that you should be a bit more specific about the exact scheme below.
Can you describe exactly, step by step, what happens just before and "After successfully 
logging into the partner app, I will be redirected
and only provided a username to log into my tomcat Form Authentication
" ?

I am asking because I just dealt with an SSO system which works as follows :
- the user sends a request for a protected URL
- the server sends back a login form
- the SSO system somehow "recognises" this login form, "fills it in" with the user's 
domain user-id, and submits the login form to the server
- the server performs the authentication "as if" it was the user himself who submitted the

login form

It's pretty neat in fact, but a bit mysterious as to how it works. But it works.

No password is submitted, but cannot a password be blank ?



beau.hutcheson@thomsonreuters.com wrote:
> Hello:
> I am trying to integrate my application with an SSO partner application.
> 
> After successfully logging into the partner app, I will be redirected
> and only provided a username to log into my tomcat Form Authentication
> app. I am using a DataSourceRealm to check for both Users and User
> Roles.
> 
> Are there any suggestions as to how I can still authenticate() through
> the tomcat container without providing a password?
> 
> Thanks for your attention,
> 
> Beau
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
> For additional commands, e-mail: users-help@tomcat.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tomcat.apache.org
For additional commands, e-mail: users-help@tomcat.apache.org


Mime
View raw message