You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by "David Sean Taylor (JIRA)" <je...@jakarta.apache.org> on 2004/12/16 14:32:55 UTC

[jira] Created: (JS2-173) hook in SSO to login / logout life cycle

hook in SSO to login / logout life cycle
----------------------------------------

         Key: JS2-173
         URL: http://nagoya.apache.org/jira/browse/JS2-173
     Project: Jetspeed 2
        Type: New Feature
  Components: SSO  
    Versions: 2.0-M2    
    Reporter: David Sean Taylor
 Assigned to: David Sean Taylor 
     Fix For: 2.0-M2


* hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 

* add 2 apis to the SSO component (login, logout)

* inject SSO component into LoginModuleProxy
* inject RequestContext into SSO component (for cookies)
 

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://nagoya.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org

[jira] Assigned: (JS2-173) hook in SSO to login / logout life cycle

Posted by "David Sean Taylor (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-173?page=all ]

David Sean Taylor reassigned JS2-173:
-------------------------------------

    Assign To: Roger Ruttimann  (was: David Sean Taylor)

Im assigning this issue to Roger since he's working on all SSO related issues.
Roger, if you don't want to complete this for the final release, then simply push its version back to POST 2.0 FINAL.

> hook in SSO to login / logout life cycle
> ----------------------------------------
>
>          Key: JS2-173
>          URL: http://issues.apache.org/jira/browse/JS2-173
>      Project: Jetspeed 2
>         Type: New Feature
>   Components: SSO
>     Versions: 2.0-M2
>     Reporter: David Sean Taylor
>     Assignee: Roger Ruttimann
>      Fix For: 2.0-M2

>
> * hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 
> * add 2 apis to the SSO component (login, logout)
> * inject SSO component into LoginModuleProxy
> * inject RequestContext into SSO component (for cookies)
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

[jira] Updated: (JS2-173) hook in SSO to login / logout life cycle

Posted by "David Sean Taylor (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-173?page=all ]

David Sean Taylor updated JS2-173:
----------------------------------

    Fix Version: 2.0-FINAL
                     (was: 2.0-M2)
    Description: 
* hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 

* add 2 apis to the SSO component (login, logout)

* inject SSO component into LoginModuleProxy
* inject RequestContext into SSO component (for cookies)
 

  was:
* hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 

* add 2 apis to the SSO component (login, logout)

* inject SSO component into LoginModuleProxy
* inject RequestContext into SSO component (for cookies)
 

        Version: 2.0-FINAL
                     (was: 2.0-M2)
    Environment: 

> hook in SSO to login / logout life cycle
> ----------------------------------------
>
>          Key: JS2-173
>          URL: http://issues.apache.org/jira/browse/JS2-173
>      Project: Jetspeed 2
>         Type: New Feature
>   Components: SSO
>     Versions: 2.0-FINAL
>     Reporter: David Sean Taylor
>     Assignee: Roger Ruttimann
>      Fix For: 2.0-FINAL

>
> * hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 
> * add 2 apis to the SSO component (login, logout)
> * inject SSO component into LoginModuleProxy
> * inject RequestContext into SSO component (for cookies)
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org

[jira] Closed: (JS2-173) hook in SSO to login / logout life cycle

Posted by "Roger Ruttimann (JIRA)" <je...@portals.apache.org>.

     [ http://issues.apache.org/jira/browse/JS2-173?page=all ]
     
Roger Ruttimann closed JS2-173:
-------------------------------

    Resolution: Fixed



Creating cookies in the LoginModule for any SSO is feasible but cookies can't be directly injected (in pipeline) into an ongoing request.
Instead I introduced the SSOProxyPortlet that does the same functionality. The SSOProxyPortlet authenticates any SSO for the given principal before it redirects the request to the final destination. If the page has any links to SSO protected sites the user won't be prompted since it has already been authenticated.

Another advantage of this approach is that the SSO component is not bound to the portal infrastructure (LoginModule / pipeline) and therefore allows easier integration into other SSO frameworks like JOSSO.

 

> hook in SSO to login / logout life cycle
> ----------------------------------------
>
>          Key: JS2-173
>          URL: http://issues.apache.org/jira/browse/JS2-173
>      Project: Jetspeed 2
>         Type: New Feature
>   Components: SSO
>     Versions: 2.0-FINAL
>     Reporter: David Sean Taylor
>     Assignee: Roger Ruttimann
>      Fix For: 2.0-FINAL

>
> * hook in SSO component to login / logout life cycle providing an entry point for managing tickets and cookies. 
> * add 2 apis to the SSO component (login, logout)
> * inject SSO component into LoginModuleProxy
> * inject RequestContext into SSO component (for cookies)
>  

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@portals.apache.org
For additional commands, e-mail: jetspeed-dev-help@portals.apache.org