Hi, I am new to acegi-siteminder integration. I've had acegi working in my app for some time, but it's always been using a form.
Now I want to integrate with an existing Siteminder service. Here are the changes I want to make:

1) My application will no longer need to provide an authentication (login) form, so I want to do away with that option.

2) I can guarantee that the user will be authenticated with Siteminder before ever reaching my app. However, the user ID in the headers is not "sm_user", it's "akoid". Also there is no password needed anymore. If Acegi can see the value of akoid, I want Acegi to use my JdbcDaoImpl implementation to pull the user from the database, if he exists.

Here is part of my acegi config:

    <!-- ===================== USING SITEMINDER ==================== -->
    <bean id="SSOauthenticationProcessingFilter"
          class="org.acegisecurity.ui.webapp.SiteminderAuthenticationProcessingFilter">
        <property name="authenticationManager" ref="authenticationManager" />
        <property name="authenticationFailureUrl" value="/authentication/LoginFailure" />
        <property name="defaultTargetUrl" value="/Start" />
        <property name="filterProcessesUrl" value="/j_acegi_security_check" />
        <property name="siteminderUsernameHeaderKey" value="SM_USER" />
        <property name="siteminderPasswordHeaderKey" value="SM_USER" />
    </bean>

I should be able to change the lines to:

    <property name="siteminderUsernameHeaderKey" value="akoid" />
    <property name="siteminderPasswordHeaderKey" value="akoid" />

to make it work, correct? I don't have a need for password anymore.
This is the code for my JdbcDaoImpl implementation's loadUserByUsername():

    @Override
    public UserDetails loadUserByUsername(String akoid) {
        logger.info("********** SSO AUTHENTICATION: loadUserByUsername(" + akoid + ")");
        akoid = akoid.toLowerCase();
        try {
            logger.info("********** SSO AUTHENTICATION: started for username '" + akoid + "'");
            UserDetails user = super.loadUserByUsername(akoid);
            Session session = sessionFactory.openSession();
            try {
                for (int i = 0; i < userInfoObjectTypes.length; i++) {
                    // Bind akoid as a named parameter instead of concatenating the
                    // header-supplied value into the HQL string.
                    Object userInfo = session.createQuery(
                            "from " + userInfoObjectTypes[i] + " where username = :username")
                            .setParameter("username", akoid)
                            .uniqueResult();
                    if (userInfo != null) {
                        // First user-info type with a matching row is attached to the user.
                        CustomUser cu = new CustomUser(user.getUsername(), user.getPassword(),
                                user.isEnabled(), user.getAuthorities(), userInfo);
                        return cu;
                    }
                }
            } finally {
                // Release the Hibernate session opened above on every exit path.
                session.close();
            }
            // No extra user info found: return the user without it.
            CustomUser cu = new CustomUser(user.getUsername(), user.getPassword(),
                    user.isEnabled(), user.getAuthorities());
            return cu;
        } catch (UsernameNotFoundException ex1) {
            logger.error("********** SSO AUTHENTICATION: User Not Found");
            throw ex1;
        } catch (DataAccessException ex2) {
            logger.error("********** SSO AUTHENTICATION: Data Access Exception");
            ex2.printStackTrace();
            throw ex2;
        }
    }

_______________________________________________
Home: http://acegisecurity.org
Acegisecurity-developer mailing list
Acegisecurity-developer@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/acegisecurity-developer
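
An added example, not part of the original post and not Acegi code: with the password dropped, the "akoid" header value is the only input to the user lookup, so this sketch vets it before it would be handed to loadUserByUsername(). The class name, the allowed-character pattern and the sample header values are assumptions.

```java
import java.util.Arrays;
import java.util.Collections;
import java.util.List;
import java.util.Locale;
import java.util.regex.Pattern;

/** Hypothetical helper (not an Acegi class): vets the pre-authenticated ID header. */
public class AkoidHeaderCheck {

    // Assumed ID format: 1-64 letters, digits, dot, underscore or hyphen.
    private static final Pattern ALLOWED = Pattern.compile("[A-Za-z0-9._-]{1,64}");

    /**
     * Returns the normalized ID, or null when the header is absent, repeated,
     * or not in the assumed format. values = every value received for "akoid".
     */
    public static String normalize(List<String> values) {
        if (values == null || values.size() != 1) {
            return null; // missing, or sent more than once: ambiguous identity
        }
        String raw = values.get(0);
        if (raw == null || !ALLOWED.matcher(raw).matches()) {
            return null; // empty, padded, or containing quotes/control characters
        }
        // Locale.ROOT keeps lower-casing independent of the server's default locale.
        return raw.toLowerCase(Locale.ROOT);
    }

    public static void main(String[] args) {
        // Constructed sample inputs, one list per simulated request.
        List<List<String>> samples = Arrays.asList(
                Collections.singletonList("John.Doe1"),
                Collections.<String>emptyList(),
                Arrays.asList("alice", "bob"),
                Collections.singletonList("o'brien"),
                Collections.singletonList("bob\r\nsecond line"));
        for (List<String> headerValues : samples) {
            String id = normalize(headerValues);
            System.out.println(headerValues + " -> " + (id == null ? "REJECT" : id));
        }
    }
}
```

In a servlet filter, the value list would come from HttpServletRequest.getHeaders("akoid"); only the first sample above is accepted, as "john.doe1".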