24 May
2010
24 May
'10
5:25 p.m.
What you can do is set the REMOTE_USER and then use the
AppServerTrustedAuthentication or a derivative
This way you won't need anything from XWIKI in your authenticator
Envoyé de mon iPhone
Le 24 mai 2010 à 16:26, Luiz Marcelo Serique
<marcelo.serique(a)gmail.com> a écrit :
Hi,
I'm new on list, and new on xwiki too, we have successfully deployed
the XWiki Enterprise 2.3 in our company, but there is some pre
requisites that we must accomplish to integrate the system to our SSO
aplication. The SSO is a very simple aplication that stores all users
and groups on a independent database, the SSO system have a interface
that shows, like a catalog, all the internal systems that a specific
person (logged in person) has access. The archictecture is very
simple, and almost time insecure, passing by GET parameter the
credentials to other systems in php, java, python, etc..., but this is
another point that we here have to discuss and adjust adjust.
To provide this SSO to xwiki i was wondering create a Filter that
verify those GET parameters and programmatically authenticates the
user to XWiki and use the MyFormAuthenticator.authenticate() to
perform the login.
But here come the question, the authenticate method needs a
XWikiContext object, is it possible to have this context in a Servlet
Filter?
And you guys have some suggestions about my strategy? Any alternative
to what i want achieve?
--
L. Marcelo
_______________________________________________
devs mailing list
devs(a)xwiki.org
http://lists.xwiki.org/mailman/listinfo/devs