Hi.
I think that you should be a bit more specific about the exact scheme below.
Can you describe exactly, step by step, what happens just before and "After successfully
logging into the partner app, I will be redirected
and only provided a username to log into my tomcat Form Authentication
" ?
I am asking because I just dealt with an SSO system which works as follows :
- the user sends a request for a protected URL
- the server sends back a login form
- the SSO system somehow "recognises" this login form, "fills it in" with the user's
domain user-id, and submits the login form to the server
- the server performs the authentication "as if" it was the user himself who submitted the
login form
It's pretty neat in fact, but a bit mysterious as to how it works. But it works.
No password is submitted, but cannot a password be blank ?
beau.hutche...@thomsonreuters.com wrote:
Hello:
I am trying to integrate my application with an SSO partner application.
After successfully logging into the partner app, I will be redirected
and only provided a username to log into my tomcat Form Authentication
app. I am using a DataSourceRealm to check for both Users and User
Roles.
Are there any suggestions as to how I can still authenticate() through
the tomcat container without providing a password?
Thanks for your attention,
Beau
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscr...@tomcat.apache.org
For additional commands, e-mail: users-h...@tomcat.apache.org
