Hi Mark,
To implement security across multiples applications (Struts or non
Struts), you will have to rely on the container. The container is really
the best way to go if you want to implement a cross applications sign-on.
Now, about your specific question, I guess we are missing some specifics
to be able to answer. You will basically have all your login pages
(L1,L2,L3... ) and I will assume that they all point to that central
authentication component. Or do you call the component that does the
authentication another way? Is it a web service? A post to a URL? And
after that, this component will probably accept a parameter telling him
where to redirect the user.
Which authentication component are you planning on using? We are using
Get Access from Entrust, that has this single sign on and authentication
capabilities is your product the same type of product?
Denis
Le 2010-04-27 16:26, Mark Hansen a écrit :
I am working on a Struts 1.x application that has a number of login pages L1,
L2, L3, ... If a non-authenticated user requests a page - P - that requires
authentication, the user will be redirected to one of these login pages L1, L2,
L3, ... - depending on the context. Once authenticated, he proceeds to page P.
Now, authentication is being centralized across a variety of applications
(Struts and non-Struts). All the login pages from my application (L1, L2, ...)
need to be redirected to this central security application (outside my control)
for authentication. Once the redirected user is authenticated by the central
security application, the user needs to be sent back to his originally
requested page - P.
What would be the best way to securely implement this redirected authentication
in the Struts 1.x framework?
---------------------------------------------------------------------
To unsubscribe, e-mail: user-unsubscr...@struts.apache.org
For additional commands, e-mail: user-h...@struts.apache.org
