For our simple POC, I did not extend any classes to achieve SSO, but just modified doPerform() of class JLoginUser and used RunData to read the user and sessionspec (3rd party SSO) from the request header.
In the same method, invoked a custom helper class to validate the sessionspec against the 3rd party Authentication server and reject or accept the user based on the outcome. Further checked to see if the User is a JetspeedUser (ie. in Jetspeed database). If not, created the user using JetspeedSecurity.addUser() and assigning each user a common password. Proceeded by login the user using JetspeedSecurity.login(). Only caveat here is I could not get the auto-login to work w/o the password. If there was a way in Jetspeed to create a Jetspeed user session by just using the UserId !? But this works. As long as the password is complex and the Jetspeed Login interface is commented out in JetspeedResource.properties (topnav.user_login.enable=false) ! To invoke the JLoginUser SSO, I simply point the browser to http://server/jetspeed/portal?action=JLoginUser . My SSO solution intercepts the request, prompts for Login, authenticates and authorizes the user and simply redirects to the above URL and from then on the doPerform() of JLoginUser takes over as described above. regards -Jignesh David Sean Taylor <[EMAIL PROTECTED]> 03/23/2004 01:23 PM Please respond to "Jetspeed Users List" To: "Jetspeed Users List" <[EMAIL PROTECTED]> cc: Subject: Re: Is there a Login Portlet in Jetspeed 1.4? On Wednesday, March 17, 2004, at 02:02 PM, Glen Carl wrote: > You need to build your own Login in modules to use instead of the > Jetspeed modules in > src/java/org/apache/jetspeed/modules/actions > The CreateNewUserAndConfirm, JLoginUser, JLogoutUser, > SendConfirmationEmail and SendNewUserNotificationEmail were the > modules I modified to interface with our SSO solution that have HTTP > headers. > Sounds cool. Anything to contribute back? --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
