• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Custom Authentication & Authorization

 
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi
I am running the Advanced Single server adition of Websphere 4.0 on Solaris. From the administration console, I can only see the setting up authentication as local OS ( solaris) as the user registry.
I have the following requirements
1. I want to execute some custom code to perform authentication and single sign on. The custom code will check for the presence of a cookie in the request. If the cookie is not present, the request is redirected to another servlet, which will display a page for the authentication. Submission of this will execute some custom code, which performs the actual authentication and then if sucessful sets the cookie in the response, and then redirect back to the original request.
What I have understood from the docs is that the authentication can be performed only againest with local OS or an LDAP complaint server as the user registry. Is there any way authentication can be performed with some custom applications as user registeries?
2. I also have the membership information in a custom application. I want to use this to perform the actual authorization of the application components ( servlets, EJB methods). Basically I want to map the users and groups in the custom application to the application roles defined in the deployment descriptor. To do this I some how need to get the application server to call my code get the role/roles for the current principal. I am not sure how do I make websphere to do this job.?
Thanks in Advance
Vasanth
 
Ranch Hand
Posts: 217
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
1. You have to use AE for WAS4.0 to get Customer Registry support. From what I heard from Websphere 2002, from WAS5.0 Customer Registry will be available to any Websphere versions. And JAAS support is also part of WAS5.0.
2. This is stated in J2EE each spec, the container will enforce the implementation. So just invoke the APIs.
You can refer to the customer registry sample codes in AE info center. That's a good starting point.
 
Vasanth Bhat
Greenhorn
Posts: 2
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks
I will take a look at this sample code.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic