> it would probably be best to develop a principal or
> name mapping service to be used at the interface to
> the third party apps. The connector world has similar
> requirements, you may want to check if the connector
> infrastructure of glassfish provides a principal
> mapping facility that you can leverage.
I'll have to do some more reading about the "connector world" as I know nothing about it. However, I have been reading you blog posts and the specs and am finally seeing a few pieces fall into place.
Am I correct that when you configure a SAM that the authentication information provided in the web.xml is no long used? In otherwords I have form based authentication configured, but I don't get redirected to my form when I hit the secured resource. If this is a true statement is it possible to access the configuration information and find the login form and error page paths so that I can redirect the browser from my sam? Also, since this is all taking place in the validateRequest would I not return SEND_SUCCESS rather than SUCCESS since I would have already configured the forward in the response and no other processing would need to take place or am I again understanding this incorrectly.
[Message sent by forum member 'chadws' (chadws)]
http://forums.java.net/jive/thread.jspa?messageID=301688