hi there,
I have these requirement that has been placed on my plate for the
intranet website that has already been developed using Cocoon-2.0.4 on
Win2000 IIS server running inside Tomcat-4.1.18 servlet container.The
network uses Win2000 Active Directory Setup.Everything worked fine till
now(..unless something else shows up!!).
Currently i am using the LDAP transformer for authentication based on
the login form information entered and from which i get the roles he/she
has been assigned and show the user the role-based view of the
website.The login screen uses XSP and i am using the Sunshine
Authentication block for handling various pipelines.
The security requirement that has been raised is:
Any domain user who wants to use the intranet doesn't need to go
through the login page on the intranet website,since the logged on user
is already a valid user on the domain.So the logon screen doesn't help
much - Well its fine with these requirement because i can make the IIS
server to restrict usage based on Windows Integerated
Authentication.When i say the 'logged-onn' i mean the network login.
But the the next phase is where i am getting stuck at,which is
getting the network logon user details based on which i have to generate
the customized view to restrict access to specific resources on the
website. its because the request object doesn't give me the network
details of the user like the logon-name.If i could even get that,i can
go ahead with finding the rest of the information like his group access
rights.
Has anybody come across such issues?Is there any better way to go
about the whole authentication that i have described here.Any kind of
help would be highly appreciated and thanks for your time.
regards,
Gautam
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
