Hey all, I'm finally going to get rolling with trying to tie together some of our various web-based service offerings into a single UI under jetspeed 2.
So I'm thinking of looking at some of the SSO portlets like SSOWebContent or the IFrame one or something similar. But, I'm seeking some advice because there's a catch. Here's the deal: we've successfully gotten all of our web application service offerings authenticating against a common LDAP server, the same LDAP server that we authenticate against for jetspeed.. So, the user names and passwords for accessing these web applications will be precisely the same ones as they are for accessing jetspeed. Thus, I want to be able to setup some kind of SSO portlet that will point at a given URL (which I would like to vary a bit dynamically based on some user data) and use the user's jetspeed userID and password for the back-end SSO authentication. Now, our passwords are not stored in clear text but rather a SHA based hash. So, I was thinking that if I modified the authentication mechanism in jetspeed to capture the submitted password value at login and store it in a session variable, I could then use that value combined with the principal's name for the SSO authentication. Users should not be required to set their userID and password for a given remote site themselves, we want to hide all of this from them. Nor can they modify the URL we want to send them to but as I said, the URL will vary by customer (which is an LDAP/jetspeed group incidentally). Obviously I would have to extend one or more of the SSO portlets to do this. Anyway, I'm just looking for some general advice before I dive too deep into this to see if anyone can think of a simpler way to achieve something like this. cheers, aaron --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
