Ok, Can someone at least point me to where in the source repository the source is kept for these portlets:
org.apache.jetspeed.portlet.SSOWebContentPortlet org.apache.jetspeed.portlet.SSOIFramePortlet thanks in advance, aaron On Thu, Sep 11, 2008 at 1:37 PM, Aaron Evans <[EMAIL PROTECTED]> wrote: > Hey all, > > I'm finally going to get rolling with trying to tie together some of > our various web-based service offerings into a single UI under > jetspeed 2. > > So I'm thinking of looking at some of the SSO portlets like > SSOWebContent or the IFrame one or something similar. > > But, I'm seeking some advice because there's a catch. > > Here's the deal: we've successfully gotten all of our web application > service offerings authenticating against a common LDAP server, the > same LDAP server that we authenticate against for jetspeed.. > > So, the user names and passwords for accessing these web applications > will be precisely the same ones as they are for accessing jetspeed. > > Thus, I want to be able to setup some kind of SSO portlet that will > point at a given URL (which I would like to vary a bit dynamically > based on some user data) and use the user's jetspeed userID and > password for the back-end SSO authentication. > > Now, our passwords are not stored in clear text but rather a SHA based hash. > > So, I was thinking that if I modified the authentication mechanism in > jetspeed to capture the submitted password value at login and store it > in a session variable, I could then use that value combined with the > principal's name for the SSO authentication. > > Users should not be required to set their userID and password for a > given remote site themselves, we want to hide all of this from them. > Nor can they modify the URL we want to send them to but as I said, the > URL will vary by customer (which is an LDAP/jetspeed group > incidentally). > > Obviously I would have to extend one or more of the SSO portlets to do this. > > Anyway, I'm just looking for some general advice before I dive too > deep into this to see if anyone can think of a simpler way to achieve > something like this. > > cheers, > aaron > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
