Hi Tom -- You didn't mention what version of JSPWiki you are using, but I assume it's 2.8, right?
I don't know the specifics of your setup, but one way to solve this might be use container authentication. If you authenticate users via the container, JSPWiki will "pick up" those credentials and know that the user authenticated successfully. The other approach might be write a custom Filter that intercepts the request before JSPWiki does. The filter would look in the user request and extract whatever proof of authentication is in there, for example a special cookie. The HTTP request would then be re-wrapped so that the wrapped request's getUserPrincipal() method returned the credential. That, too, would give JSPWiki what it needed. Andrew On Fri, Jan 8, 2010 at 6:03 PM, Tom Wheeler <[email protected]> wrote: > I'd like to integrate JSPWiki with our company's Web-based single sign > on system (SSO). I've figured out how I can plug in a custom > authenticator to validate the username/password specified on the > JSPWiki login page, but this won't work with our SSO. > > To be more specific, our SSO is implemented somewhat like Kerberos, > where the application does not have access to the credientials but > simply delegates to another server for authentication. Thus, I won't > have a login page on JSPWiki at all -- I just want to plug in some > code that will provide whatever user information JSPWiki might need > (and redirect unauthenticated requests to the remote server). > > It's not clear to me what I should subclass and how to configure > JSPWiki to use it. Any hints about how to do this would be greatly > appreciated. > > -- > Tom Wheeler > http://www.tomwheeler.com/ >
