Genreal question on remote authentication with tapestry web applications

[Peter Stavrinides <P....@albourne.com>]

Hi everyone,

Basically my question is a very broad one about integrating Tapestry with remote authentication and authorization protocols, if this question is a little off topic I apologize in advance... I have an upcoming project to think about, and thought I should get some expert opinions before I start:

My project will involve a joint venture with a 3rd party to share some data and resources remotely over the web... my conundrum is how to secure these exchanges, which will need to be encrypted. I would like to know what security protocols / libraries people are using with Tapestry, which need not necessarily relate to my specific use case. 

Just FYI my set up as follows:
- Apache with SSL (mod_ajp) => Tomcat 6 
- Tapestry 5.1 Extranet Portal
- A relational database to store authentication information (this cannot change)
- A Single account for all portlets / web apps
- Mostly use forms based authentication
- Custom written authentication, authorization and session management (written mostly in Tapestry IoC)

Using Web Services is the most obvious to me at the moment, although I don't know much about the security protocols / libraries to use in conjunction and most important how to integrate them into our Tapestry based security API.  

Thanks in advance,
Peter


---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@tapestry.apache.org
For additional commands, e-mail: users-help@tapestry.apache.org