users@glassfish.java.net

Re: Security Question

From: <glassfish_at_javadesktop.org>
Date: Tue, 11 Nov 2008 01:53:11 PST

You can write a custom SAM (Server Authentication Module) and configure the web-application to use this. Through the validateRequest method in SAM, the cookie in the HttpServeletRequest could be checked and further authentication can be obviated.

This tech tip explains how to write and configure a SAM:

http://blogs.sun.com/enterprisetechtips/entry/adding_authentication_mechanisms_to_the
http://blogs.sun.com/monzillo/entry/pluggable_authentication_in_the_glassfish

HTH
Nithya
[Message sent by forum member 'nitkal' (nitkal)]

http://forums.java.net/jive/thread.jspa?messageID=315983
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.