On 13/12/2010 9:02 AM, anyz wrote:
> Could you please guide me towards some documentation/tutorial to set up SSO
> with the OS (e.g. with Windows/iSeries). For example user is already logged on to
> OS and then accesses the Portal URL. In this case user should not be prompted
> for login but should be given access to Portal site.
> Provided the Jetspeed users database is in-sync with OS and all users in OS
> also exist in Jetspeed.
> Thanks
We have done a few SSO setups with Jetspeed.
In SSO, you need to have some sort of trust relationship between the
system sending the person to your site and the site itself.
In addition, you need a mechanism to pass the authenticated identity to
your site.
Jetspeed can authenticate against AD once you link AD to your server as
an LDAP server, so that the site can ask the user for a username and a
password and ask AD to authenticate the user.
http://www.linux.com/archive/feed/40983 might be a good starting point.
Google "AD authentication for Linux" for lots more description of AD
from a point of view that helps in a non-MS environment.
If you have a trusted process running somewhere that can authenticate
the user and give the Jetspeed login a way to know that the person using
the browser to connect to your Jetspeed site is in fact known to be who
they are logging in as, you can use SSO.
We have a client's internal portal sending authenticated users to our
portal using SAML.
The client's portal authenticates the user and then gives the user's
browser a URL to our site that includes the information that we can use
to determine who they are.
Ron
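The reply above describes two ingredients: a trust relationship between the sending system and the site, and a URL that carries the authenticated identity. The following is an added example, not code from the post, from the SAML setup it mentions, or from Jetspeed; it swaps SAML for a simpler HMAC-signed, time-limited token to show both ingredients, and the class and method names, the shared key and the 120-second window are all assumptions.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;
public class SignedIdentityDemo {
    // Constructed demo key (assumption); the shared secret is the trust relationship.
    static final byte[] KEY = "constructed-demo-key-not-for-use".getBytes(StandardCharsets.UTF_8);
    static final long MAX_AGE_SECONDS = 120; // assumed validity window
    static byte[] hmac(String data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(KEY, "HmacSHA256"));
        return mac.doFinal(data.getBytes(StandardCharsets.UTF_8));
    }

    // Sending side: called only after the sending portal has authenticated the user.
    static String issue(String user, long nowSeconds) throws Exception {
        String payload = user + "|" + nowSeconds;
        Base64.Encoder enc = Base64.getUrlEncoder().withoutPadding();
        return enc.encodeToString(payload.getBytes(StandardCharsets.UTF_8)) + "." + enc.encodeToString(hmac(payload));
    }

    // Receiving side: returns the user name, or null if the token must be rejected.
    static String verify(String token, long nowSeconds) {
        try {
            String[] parts = token.split("\\.");
            if (parts.length != 2) return null;
            Base64.Decoder dec = Base64.getUrlDecoder();
            String payload = new String(dec.decode(parts[0]), StandardCharsets.UTF_8);
            // Check the MAC before trusting any field; isEqual compares in constant time.
            if (!MessageDigest.isEqual(hmac(payload), dec.decode(parts[1]))) return null;
            int sep = payload.lastIndexOf('|');
            if (sep < 1) return null; // no user name present
            long age = nowSeconds - Long.parseLong(payload.substring(sep + 1));
            if (age < 0 || age > MAX_AGE_SECONDS) return null; // future-dated or stale
            return payload.substring(0, sep);
        } catch (Exception e) {
            return null; // malformed input is treated as unauthenticated
        }
    }

    public static void main(String[] args) throws Exception {
        long now = System.currentTimeMillis() / 1000;
        String token = issue("jdoe", now); // "jdoe" is a constructed sample user
        System.out.println("valid:    " + verify(token, now + 30));
        System.out.println("expired:  " + verify(token, now + 600));
        System.out.println("tampered: " + verify("x" + token, now + 30));
    }
}
```

The example does not record which tokens have already been accepted, so a captured URL can be replayed until the window closes. Carry the token only over TLS and keep the window short.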