JAAS and Authenticating Automatically based on info stored on a cookie - Weblogic

This is a discussion on JAAS and Authenticating Automatically based on info stored on a cookie - Weblogic ; Hi, I am trying to develop a single sign-on architecture between Domino, IIS and WebLogic. Initial page is on Lotus Domino Web Server, so once a user gets authenticated there, I write a cookie with the user info. On IIS ...

+ Reply to Thread
Results 1 to 2 of 2

Thread: JAAS and Authenticating Automatically based on info stored on a cookie

  1. JAAS and Authenticating Automatically based on info stored on a cookie

    Hi,
    I am trying to develop a single sign-on architecture between Domino, IIS and WebLogic.

    Initial page is on Lotus Domino Web Server, so once a user gets authenticated there, I write a cookie with the user info. On IIS I hava an ISAPI developed that automatically authenticates the user based on such info.

    My question is.. Can I use JAAS to rad the info on that cookie and get automatically authenticated (without receiving and additional prompt) on WebLogic ?

    I read somewhere that on Web Application Servers there is no standar API to make a user authenticated withouth submitting the application?s login form. So, I am afraid on JAAS not being similiar to ISAPI to got the sso that I need... Any workaround or idea to get it ?


  2. Re: JAAS and Authenticating Automatically based on info stored on a cookie


    "Andres Gorostidi" wrote in message
    news:3f375870$1@newsgroups.bea.com...
    > Hi,
    > I am trying to develop a single sign-on architecture between Domino, IIS

    and WebLogic.
    >
    > Initial page is on Lotus Domino Web Server, so once a user gets

    authenticated there, I write a cookie with the user info. On IIS I hava an
    ISAPI developed that automatically authenticates the user based on such
    info.
    >
    > My question is.. Can I use JAAS to rad the info on that cookie and get

    automatically authenticated (without receiving and additional prompt) on
    WebLogic ?
    >
    > I read somewhere that on Web Application Servers there is no standar API

    to make a user authenticated withouth submitting the application?s login
    form. So, I am afraid on JAAS not being similiar to ISAPI to got the sso
    that I need... Any workaround or idea to get it ?
    >


    I would look at identity assertion. You can write an identity asserter for a
    token type that corresponds
    to the cookie. The identity asserter can map the cookie token to a username.



+ Reply to Thread