hello all ... i'm facing exactely the same problem. I've developed my own clustered sso mecanism. I have an SSO Valve that gets the Principal from a distributed authentication cache (handle by JGroups) and call the request.setUserPrincipal() in order to authenticate it.
But when the request is adress to a server on which the user has never been authenticated, although the SSOValve do its job, I have this NullPointerException that is raised. I assum that this is because the server's JBossSecurityMgrRealm roleMap does not map the principal with a JBossGenericPrincipal. I have tried to force the authenticate(string, string) method of the JBossSecurityMgrRealm .... but that gives à Null Principal because there is no securityContext available thru JNDI !!! How can i do to force silent authentication in order to build a JBossGenericPrincipal that will be put in the roleMap ??? I Assume that the JBoss ClusteredSingleSignOn Valve work properly ... apparently it has a mecanism that is close to my own valve .... so what is the real difference ??? thanks a lot for your help scott. See ya ! PS : Sorry for my poor english ! View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3959674#3959674 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3959674 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user