Jaron, I have had to to a similar thing. Although the SSO system did set a 'regular' request header instead of a cookie. Ate Douma pointed me in the direction of using a solution based on the org.apache.jetspeed.login.filter.PortalFilter.
As long as you can construct a Subject and add it to the request it will be sufficient. I guess the you could use the UserManager to check weather the user has a profile. In case you go for the filter solution you could get rid off some security realted valves in Jetspeed's pipeline. That will probably create a better overview of what is happening to your request when it goes through the Portal. Regards, Æde van der Weij > Subject: SSO integration > Date: Thu, 28 Aug 2008 16:55:07 +0200 > From: [EMAIL PROTECTED] > To: [email protected] > CC: [EMAIL PROTECTED] > > > > Hello, > > > > I would like advice as to what is the easiest / best way to automate > logon in jetspeed. > > > > Jetspeed will be running behind a SSO / filter that is on a different > machine. This SSO application places a cookie in the request which means > that the request comes from an authenticated user. The name and the > contents of the cookie cannot be changed as it is created and used by > other applications. That the user has been authenticated does not mean > that the user exists as a user in the jetspeed portal. There are 2 types > of users for the portal to handle: "authenticated non members" and > "authenticated members". > > > > Based on the loginid that is in the cookie the portal has to look in a > ldap server to check wether that loginid is present. If it is not > present the user is apparently an "authenticated non member", and should > be able to see the portal as a guest without any credentials. In case > the loginid is present, jetspeed portal credentials should be created > and the user should be able to see the portal as someone that is logged > in. The portal never checks any password credentials! It just checks if > the user is in the list of registered user in the ldap server. > > > > Based on the above requirements, what are the possible ways to implement > this and what is the best way to follow? > > > > As far as I have read through the jetspeed documentation, it usually > assumes that the jetspeed portal is the SSO implementing component > instead of the SSO client that is is in this case. > > > > > > Kind regards, > > > > Jaron Schut > > > > DISCLAIMER: > > > > Dit bericht (met bijlagen) is zorgvuldig samengesteld. Voor eventuele > onjuistheid en/of onvolledigheid van de hierin verstrekte informatie > aanvaardt Kennisnet geen aansprakelijkheid. Aan de inhoud van dit bericht > (met bijlagen) kunnen geen rechten worden ontleend. De inhoud van dit bericht > (met bijlagen) kan vertrouwelijke informatie bevatten en is uitsluitend > bestemd voor de geadresseerde van dit bericht. _________________________________________________________________ Express yourself instantly with MSN Messenger! Download today it's FREE! http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
