Hey guys, A general question for enterprise based web applications. Is JAAS the standard authorization and authentication framework to implement a sort of global policy login system (like LDAP or something?)
I'm not that familiar with such logins methods but at my present office one of the complaints with some clients has been that one of our products maintains it's own userbase with it's own roles and this impedes SSO integration with other applications using services such as LDAP/ActiveDirectory. With this personal "project" of mine I'd like to look at implementing a correct method based on standard java security policy files and roles. Even some maybe some LDAP which I've been hearing quite a bit about. So if anyone can give me advice on a framework or a few links for some reading to implement such a login authentication/authorization service (w/ Struts2 ++BONUS lol) that'd be great. Regards, Paul
