You are viewing a plain text version of this content. The canonical link for it is here.

Posted to jetspeed-dev@portals.apache.org by je...@jakarta.apache.org on 2004/09/29 00:41:32 UTC

[jira] Created: (JS2-129) Single Sign-On Component

Message:

  A new issue has been created in JIRA.

---------------------------------------------------------------------
View the issue:
  http://issues.apache.org/jira/browse/JS2-129

Here is an overview of the issue:
---------------------------------------------------------------------
        Key: JS2-129
    Summary: Single Sign-On Component
       Type: New Feature

     Status: Open
   Priority: Major

    Project: Jetspeed 2

   Assignee: Roger Ruttimann
   Reporter: Roger Ruttimann

    Created: Tue, 28 Sep 2004 3:40 PM
    Updated: Tue, 28 Sep 2004 3:40 PM
    Due:     Fri, 8 Oct 2004 12:00 AM
Environment: all

Description:
Introduction
----------------
Since a user is logged in into the portal he/she should never be asked to login again to see any content. Web portlets or IFrame portlets which refer to external (to the Web Portal) sites might be only visible after a login (if the target site requires authentication). This behavior can be annoying especially if the portal integrates  different applications that all require authentication.

Proposal
------------
The J2 framework will be extended with a component (SingleSignonComponent) that does a lookup in the database to find credentials for a site (url) and a jetspeed user. The credentials could be assigned to a user, group or a role (Priority needs to be defined like User, Group, Role or better order should be customizable).

For the first implementation two modes will be supported:

Username/password (HTTP Post)
--> Portlets (IFrame, Webpage) will call into SingleSignonComponent with the site (url) and the principal. The returned credentials can be used to add them as parameters to the URL

Basic Authentication (HTTP Basic Authentication)
--> Since many sites use Basic Authentication another API updates the request so that it uses BasicAuthentication with the credentials returned by the lookup (site, principal).

At a later stage the SingleSignonComponent API could be extended with certificates and cookie based authentication.



---------------------------------------------------------------------
JIRA INFORMATION:
This message is automatically generated by JIRA.

If you think it was sent incorrectly contact one of the administrators:
   http://issues.apache.org/jira/secure/Administrators.jspa

If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org

[jira] Closed: (JS2-129) Single Sign-On Component

Posted by "Roger Ruttimann (JIRA)" <je...@jakarta.apache.org>.

     [ http://nagoya.apache.org/jira/browse/JS2-129?page=history ]
     
Roger Ruttimann closed JS2-129:
-------------------------------

     Resolution: Fixed
    Fix Version: 2.0-M1

Added SSO component to J2 (component/sso)


> Single Sign-On Component
> ------------------------
>
>          Key: JS2-129
>          URL: http://nagoya.apache.org/jira/browse/JS2-129
>      Project: Jetspeed 2
>         Type: New Feature
>  Environment: all
>     Reporter: Roger Ruttimann
>     Assignee: Roger Ruttimann
>      Fix For: 2.0-M1

>
> Introduction
> ----------------
> Since a user is logged in into the portal he/she should never be asked to login again to see any content. Web portlets or IFrame portlets which refer to external (to the Web Portal) sites might be only visible after a login (if the target site requires authentication). This behavior can be annoying especially if the portal integrates  different applications that all require authentication.
> Proposal
> ------------
> The J2 framework will be extended with a component (SingleSignonComponent) that does a lookup in the database to find credentials for a site (url) and a jetspeed user. The credentials could be assigned to a user, group or a role (Priority needs to be defined like User, Group, Role or better order should be customizable).
> For the first implementation two modes will be supported:
> Username/password (HTTP Post)
> --> Portlets (IFrame, Webpage) will call into SingleSignonComponent with the site (url) and the principal. The returned credentials can be used to add them as parameters to the URL
> Basic Authentication (HTTP Basic Authentication)
> --> Since many sites use Basic Authentication another API updates the request so that it uses BasicAuthentication with the credentials returned by the lookup (site, principal).
> At a later stage the SingleSignonComponent API could be extended with certificates and cookie based authentication.

-- 
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators:
   http://nagoya.apache.org/jira/secure/Administrators.jspa
-
If you want more information on JIRA, or have a bug to report see:
   http://www.atlassian.com/software/jira


---------------------------------------------------------------------
To unsubscribe, e-mail: jetspeed-dev-unsubscribe@jakarta.apache.org
For additional commands, e-mail: jetspeed-dev-help@jakarta.apache.org