• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Tim Cooke
  • paul wheaton
  • Jeanne Boyarsky
  • Ron McLeod
Sheriffs:
  • Paul Clapham
  • Liutauras Vilda
  • Devaka Cooray
Saloon Keepers:
  • Tim Holloway
  • Roland Mueller
Bartenders:

Clarification on JBoss Negotiate

 
Greenhorn
Posts: 26
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi

Our objetive is to achive SSO on JBoss in windows domain using Kerberos. With that in mind, I started looking at options available in JBoss and came across these two links-

  • http://community.jboss.org/wiki/JbossNegotiation
    http://community.jboss.org/wiki/ConfiguringJBossNegotiationinanallWindowsDomain


  • I am still trying to understand JBossNegotiation. One thing I am not able to get from the above links is whether it uses Kerberos. Note that I am new to all of this and might be missing something very basic.

    Another question was- on the first link above, there is a link to abother webpage under Old SPNEGO/Kerberos Documentation-

    http://community.jboss.org/wiki/NegotiateKerberos

    The title under which this link is given makes me feel SSO on JBoss using Kerberos is an old thing and JBossNegotiation is the latest mechanism. Is this understanding correct? Shall I ignore the last link given above and refer only to the first two links?

    Could someone help me with this?

    Thank you
    Neelesh



     
    Sheriff
    Posts: 10445
    227
    IntelliJ IDE Ubuntu
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    I am not great at these security libraries. And their project names keep changing or new projects keep getting added. Looks like the one with active development, currently is PicketLink which states:


    What components are available under PicketLink projects.

    * IDM: Provide an object model for managing Identities (Users/Groups/Roles) and associated behavior using different identity store backends like LDAP and RDBMS.
    * Federated Identity: Support SAMLv2, WS-Trust and OpenID.
    * AuthZ: Developer friendly authorization framework
    * XACML: Oasis XACMLv2 implementation.
    * Negotiation: Provide SPNego/Kerberos based Desktop SSO.



    You might want to give it a try.


     
    Have you no shame? Have you no decency? Have you no tiny ad?
    Smokeless wood heat with a rocket mass heater
    https://woodheat.net
    reply
      Bookmark Topic Watch Topic
    • New Topic