portals-jetspeed-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Aaron Evans" <aaronmev...@gmail.com>
Subject Re: Security Question
Date Tue, 19 Sep 2006 16:25:33 GMT
I would continue to use jetspeed's JAAS realm for authentication, but
swap out the actual ATN components with your own custom
implementations to lookup against your own tables.

Look at jetspeed's WEB-INF/assembly/security-spi-atn.xml.

You'll need to provide your own custom implementations for the
org.apache.jetspeed.security.spi.CredentialHandler component (this is
for password encoding/hashing) and for the
org.apache.jetspeed.security.spi.UserSecurityHandler component (this
is for the actual authentication).

Then, I would suggest enabling SSO in tomcat (I just finished
describing this on another post, perhaps for the user group).

HTH,
aaron

On 9/19/06, Mark McCullough <bustedmagnet@gmail.com> wrote:
> I'm using Jetspeed 2-m3. Is it possible to point authentication away from
> table security_credential to one of my preexisting tables from another web
> app? SSO doesn't seem to work, and one of the most important portlets link
> to a different web app. I want the username/password to come from the same
> table instead of forcing every user to have a jetspeed username/password and
> web app username/password. Thanks.
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org


Mime
View raw message