users@jersey.java.net

Re: [Jersey] OpenSSO Integration

From: Paul Sandoz <Paul.Sandoz_at_Sun.COM>
Date: Tue, 13 Oct 2009 11:36:07 +0200

Hi Ronak,

I do not have any experience with OpenSSO. We need some OpenSSO
experts to respond (there are some listening :-) ).

When you say "not always setting the principal in the container" can
you provide more information describing the conditions when it does
and does not work?

Note that Jersey obtains the security information, like the Principle,
from the HttpServletRequest instance. So it might be than OpenSSO does
not have appropriate integration with Tomcat's security layer.

Paul.

On Oct 12, 2009, at 9:03 PM, Ronak Patel wrote:

> All,
>
> I've been trying to get OpenSSO integrated with JAX-RS Jersey and
> I'm having a problem with it that I'm wondering someone else may
> also have had.
>
> I have an OpenSSO Agent set up in front of my Jersey applications to
> authenticate and authorize with OpenSSO on Tomcat 6.
>
> The weird thing I'm seeing is that OpenSSO is not always setting the
> principal in the container.
>
> I was wondering if it would be required to implement my own concrete
> class for the SecurityContext which parses the http headers and
> pulls the Principal from OpenSSO using the OpenSSOclientsdk.
>
> Has anyone ever encountered this?
>
> Thanks!
>
> Ronak
>
>