users@glassfish.java.net

Re: JAAS / OpenSSO / ?

From: Barry van Someren <barry_at_bvansomeren.net>
Date: Thu, 25 Mar 2010 10:28:58 +0100

Hi,

I currently run a few deployments of a JEE 5 webapplication which uses
OpenSSO and my take is that OpenSSO can be simple if you stick with
the basics. For web applications it will preserve your login across
different servers and even domains (as it says on the tin) and I'm
very sure it will do the same for webservices, but don't have
firsthand experience (yet)

OpenSSO will also work across different servers, you just install an
agent per server within the same (OpenSSO)realm and the same
credentials and policies will be used across the realm. You can even
use it on Apache, Sun Webserver.
A custom realm can also work (for example if the client does not keep
state and sends their credentials with every request) but you have to
ensure you have the same kind of custom realm installed everywhere.
JAAS can possibly help with this, being a standard and all ;-)

Regards,

Barry

On Wed, Mar 24, 2010 at 8:10 PM, <glassfish_at_javadesktop.org> wrote:
> Hey there,
> I'm kind of new to Java EE and Glassfish. Now I want to write
> a web service for authentication and authorisation so that i can use it for different applications across containers.
>
> I read about JAAS and realms in Glassfish and tried a simple setup
> for authentication/authorisation within Glassfish without problems. Now i would like
> to have a web service that allows me to do something similar across more than
> this one instance of Glassfish, but across other containers / Java EE application servers.
>
> I dont know if a custom realm can still be a solution for this?
> I stumbled across OpenSSO/OpenAM. Would that be the better choice for the task or
> something completely different that I havent found yet? Can someone advise me to find the right direction?
> Thanks
> [Message sent by forum member 'takki']
>
> http://forums.java.net/jive/thread.jspa?messageID=393561
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: users-unsubscribe_at_glassfish.dev.java.net
> For additional commands, e-mail: users-help_at_glassfish.dev.java.net
>
> 



-- 
Barry van Someren
---------------------------------------
LinkedIn: http://www.linkedin.com/in/barryvansomeren
Skype: BvsomerenSprout
Blog: http://blog.bvansomeren.com
KvK: 27317624
M: +31 (0)6-81464338
T: +31 (0)70-2500450
© Oracle | By contributing to this project, you are agreeing to the terms of use described here.