Hi
We have deployed one app in glassfish (v2.1) which uses standard JAAS authn & Authz mechanisms. The app is making getRemoteUser and isUserinRole to derive the ACLs.
The app is using one LDAP realm
When we login to the app directly, everything works great. However, when we try to connect to the app via apache ( we authenticate through siteminder on apache), we are getting double prompted - one from apache/siteminder & again from the glassfish realm
I can see REMOTE_USER header is getting populated .
Is there any way to tell glassfish to accept the REMOTE_USER as the principal & then do LDAP checkups to verify authorization policies ( and may be the password)?
Thanks
Jay
[Message sent by forum member 'jaymalya' (jaymalya)]
http://forums.java.net/jive/thread.jspa?messageID=342336