Hi, I have tomcat running standalone and performing authentication using a custom LoginModule.
The module implementation currently creates an InitialContect object using the username and password supplied to the LoginModule. The initial context is then used to look up and call some Realm protected beans in a WLS instance. This propogates the user name and password information to my target remote Realm and allows me to reuse this realm for access to web resources - albeit rather awkwardly. Moreover I have a big problem when the web container makes subsequent requests - I only have access to the user's username, and I cannot create another InitialContext based on this user. Currently all the usernames and passwords are the same to get around this problem! What I need to do is somehow store away the InitialContext against the session. That way whenever I need to lookup EJBs in JNDI on behalf of a session I can always get at an appropriate InitialContext to do the job. Now I'm migrating over to JBoss, I'm trying to find a better way. I can't help thinking that if I've done the job of authenticating a Subject based on a Realm in the app server, there should be someway of reusing that Subject via a web session to a access tha app server's resources. But how? This seems like a common requirement to me. You want to set up one Realm to define your users groups and roles, in one place. You want to use the LoginModule to provide a Subject which can be used in calls to protected web and ejb tier resources. I've seen posts about setting up single sign on for tomcat hosted in JBoss. Can this be achieved with and external tomcat instance? thanks for any help.. Neil <a href="http://www.jboss.org/index.html?module=bb&op=viewtopic&p=3827114#3827114";>View the original post</a> <a href="http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=3827114>Reply to the post</a> ------------------------------------------------------- This SF.Net email is sponsored by: IBM Linux Tutorials Free Linux tutorial presented by Daniel Robbins, President and CEO of GenToo technologies. Learn everything from fundamentals to system administration.http://ads.osdn.com/?ad_id=1470&alloc_id=3638&op=click _______________________________________________ JBoss-user mailing list [EMAIL PROTECTED] https://lists.sourceforge.net/lists/listinfo/jboss-user
