Hi Doug,
Doug Chestnut schrieb:
> Hi Devs,
> Just getting back into Lenya development (have been busy juggling other
> tasks for the past couple of months).
>
> I am trying to implement a single sign on solution for our Lenya
> implementation. We are using pub cookie for sso and authentication
> takes place at the apache httpd module level. My thought is that I just
> need to set up mod_jk to pass the REMOTE_USER to lenya, and add a
> snippet to my sitemap that checks to see if
> request.parameter('REMOTE_USER') is set, and if so, send to a usecase
> that sets up my RemoteUser with a session.
you don't even need to modify the sitemap.
To evaluate the request header or parameter, you can
- implement a custom Authenticator (see [1]),
- add a patch file for cocoon.xconf (similar to [2])
When your module which contains the patch file declares a dependency
to the ac-impl module, you can use the "remove" attribute to replace
the existing declaration.
[1]
http://lenya.apache.org/apidocs/1.4/org/apache/lenya/ac/Authenticator.html
[2] modules-core/ac-impl/config/cocoon-xconf/authenticator.xconf
HTH,
-- Andreas
>
> Am I missing something? Are there security concerns with passing the
> credentials via mod_jk/request param?
>
> Thanks for any input.
>
> --Doug
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
