Hi,
How could I configure Jetspeed-2 so the login portlet can use login details given in tomcat-users.xml ???
Thanks in advance for any help.
Regards
Xavier
see login.conf under the security component:
Jetspeed {
org.apache.jetspeed.security.impl.DefaultLoginModule required debug=true;
};
and org.apache.jetspeed.security.impl.AuthenticationProviderImpl, which ultimately does:
System.setProperty("java.security.auth.login.config",loginConfigUrl.toString());to set the Java Security login module.
To make use of Tomcat's login module, I wanted to suggest simply removing the authentication provider from the Spring configuration and letting Tomcat handle login via the login portlet calling Tomcat's login module (you would need to configure that in Tomcat).
However Im seeing some couplings between the SecurityProvider, GroupManager, RoleManager, and UserManager and the authentication provider. Thus I recommend writing a new Authentication Provider that does not override the login module but simply aggregates the needed handlers.
Im also looking into enhancing the authentication provider this week.
See issue http://issues.apache.org/jira/browse/JS2-173
I still haven't come up with a good solution for that one, but I will be working in this area,
(note this is probably better discussed on jetspeed-dev)
-- David Sean Taylor Bluesunrise Software [EMAIL PROTECTED] [office] +01 707 773-4646 [mobile] +01 707 529 9194
--------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
