Hello Forum;
Using Glassfish v2ur2. I've configured a LDAPRealm (com.sun.enterprise.security.auth.realm.ldap.LDAPRealm), this is fine for intranet applications. Requests from internet pass by an web-entry-server, this server authenticates the user (using the same ldap). Then the web-entry server adds a
cookie to the request which contains (encoded) the username.
I want to avoid a second login for the user who has logged in before on the web entry server. How can I do that? I think creating an own realm cannot help as the Realm
has no access to the ServletRequest (to read the cookie and check if the user has pre-authenticated).
Creating a Servlet-Filter and provide to all applications by default-web.xml can read and validate the cookie (if any), but can a Servlet Filter call the Glassfish
server and 'inject' the user (without validating on ldap, but with group search on ldap)?
Or is there another way?
Thank you very much for any hints...
JDrive
[Message sent by forum member 'jdrive' (jdrive)]
http://forums.java.net/jive/thread.jspa?messageID=315761