sso for turbine apps!

[rh...@telerama.com]

I thought I should post to jetspeed also

I just wrote a really cool infrastructure for sso that I will be using to
provide sso for jetspeed and two other turbine applications that I have
written.   I will release it to the jetspeed and turbine community.  I
only need one question to be answered.
Given that I have a HttpSession of a authenticated user in a turbine app,
how can I get the TurbineUser or User object from the session.  
I know that I can do it from the RunData object, but I am in a filter, and
that object is not available to me.

Thanks!

In case you are wondering, it's a set of servlets and filters that get the
cookie value and ask for sso server (a servlet in the authoritative
container) if the session is valid.  If the servlet answers, it will be in
an xml format that the filter will parse and create a new session in that
container.

In this way, two turbine apps in different jvms, on different hosts can
have SSO.  IT works for beyond turbine also, I have the various options
parameterized in the web.xml, so we can do sso between oracle portal, or
whatever.

The only requirement is that the applications are in same domain.
test.x.com and test2.x.com will work.






--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>



--
To unsubscribe, e-mail:   <ma...@jakarta.apache.org>
For additional commands, e-mail: <ma...@jakarta.apache.org>