Please ignore this message. I have just figured it out; I was using the wrong
naming convention.

NIrving

-----Original Message-----
From: Nicholas Irving [mailto:[EMAIL PROTECTED] 
Sent: Sunday, 29 January 2006 9:01 AM
To: [EMAIL PROTECTED] Apache. Org
Subject: Best way to implement own Sign On functionality?

Hi All

I am trying to implement my own Single Sign On solution (why, you may ask,
when there are a number of solutions out there? Because I would like to learn
myself and I feel that there are some flaws). For example, I have a simple
Perl proxy that I have written that does simple load balancing (again, why?
Because I am learning how to implement solutions and better my understanding
of issues and problems), and now I would like to handle authorisation
from there. That is not a problem; I have that talking to my LDAP and it works
fine, so I now have the basis of a simple SSO solution.

I would like to now integrate this into my Tomcat application server, so
that when a user auths to my proxy they are automatically authed (if they
have the correct permissions) into Tomcat (currently using 5.0.28). I am
doing this by passing in the HTTP header the UID of the auth’d identity. I
have a Valve that reads the headers and, if it exists, extracts the UID and uses
a customised version of the LDAP realm to auth them into Tomcat. This works
fine and is not a problem for me; however, I have to use a custom cookie to
tell the Tomcat valve that this user is already auth’d and generate a new
principal.

I feel that this solution adds an overhead that is not required and I would
therefore like to use the Single Sign On valve to handle all of this for me.
It appears that a lot of the core functionality is protected so that it is
not possible to create your own session cookie for SSO, so does this mean
that I have to extend the Tomcat source code to add this functionality and
therefore face the problems of getting existing users to update their
source? Or is there another way that I can write code that can be trusted to
generate these cookies for me?

Nicholas Irving

[EMAIL PROTECTED]

