Hi Ate, Thanks a lot for replying.
Those methods on those interfaces are exactly what I am looking for, and had found them before. The problem I was having was trying to get a reference to an implementation of the interface that I could invoke. The Shibboleth example shows how that is done, by invoking o.a.j.Jetspeed.getComponentManager() and then getting the necessary components from the ComponentManager. Exactly what I need, so thanks for pointing that out. The trouble I was having was due to the fact that the online API docs are apparently out-of-date. http://portals.apache.org/jetspeed-2/apidocs/index.html For example, there is no o.a.j.Jetspeed class listed. I understand that this is an open-source volunteer project, and I'm not complaining. There is I'm sure way more work to be done than people stepping up to do it. And it's quite possible that somewhere in the available docs it explains how this is done, but I admit I haven't read the docs exhaustively. So, anyways, thanks for pointing out those examples. That is exactly the clue I needed. I'll see where I can go from there. Thanks, Linus -----Message d'origine----- De : Ate Douma [mailto:[email protected]] Envoyé : Tuesday, October 13, 2009 1:12 AM À : Jetspeed Users List Objet : Re: external web service authenticate against jetspeed Linus Kamb wrote: > Ok, I'll have to admit my ignorance here, but how do I get a handle on the > Jetspeed Security API? In particular, how do I get to the LoginModuleProxy? I don't think you need or even want to use the LoginModuleProxy which is only used for JAAS based authentication for a *Jetspeed* targeted request. If I understand you correctly, you have a webs ervice for which you want to validate a provided identity against the Jetspeed security API, right? If you only need to validate a username, you can use o.a.j.security.UserManager.userExists(String username), or use UserManager.getUser(String username) if you need further evaluation of an existing user. If you need to authenticate using username/password, use AuthenenticationProvider.authenticate(String username, String password). As example, take a look at o.a.j.login.filter.PortalFilter, or somewhat more complex o.a.j.security.impl.shibboleth.ShibbolethPortalFilter (both can be found in the jetspeed-portal component). Regards, Ate > > Thanks, > Linus > > -----Message d'origine----- > De : Ate Douma [mailto:[email protected]] > Envoyé : Tuesday, September 29, 2009 12:49 PM > À : Jetspeed Users List > Objet : Re: external web service authenticate against jetspeed > > Linus Kamb wrote: >> I don't know if this is a stupid question, but is it possible to have an >> external web service authenticate somehow using jetspeed's authentication >> mechanisms? I have data services and I would like them to only return > data >> for valid jetspeed users. > > We don't have such a solution in place right now, but it should be possible > to write one without too much trouble if you want. > The Jetspeed Security API allows you to programmatically perform such > authentication if you want. > You could easily write a dedicated rest like "service" servlet or filter > doing so and invoke it from your data services, either remotely or > as a (cross-context) include if your data-services run on the same app > server. > (if you do, we might be interested in supporting/integrating this directly > in Jetspeed as well, just let us know) > > Alternatively, I'm currently in the process of writing a generic SAML2 SP > component for Jetspeed which should become available pretty soon. > If your data services also can authenticate against a SAML2 IDP you could > setup a SAML2 SSO solution without having to rely on Jetspeed > authentication itself. > > Regards, > > Ate > >> >> >> Thanks, >> >> Linus >> >> >> >> > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
