1 Reply Latest reply on Jun 19, 2007 5:55 PM by Antoine Herzog

    Capturing User Entered Password for Legacy Applicaton Use/ R

    E Nova Newbie


      We are developing a portlet that will connect to a remote application that requires an inline username/password for authentication.

      Although we are able to use the "same" user name/password for that application as for the portal but the legacy application is not single signon enabled.

      How, or can we, have the JBOSS portal server provide to our portlet the password string as entered/typed by user on the initial login ?

      IBM WS and BEA provide a way to do this by means of some extra configuration for remote portlets ( credential vaults, shared authentication etc)

        • 1. Re: Capturing User Entered Password for Legacy Applicaton Us
          Antoine Herzog Master

          You have to look at the Tomcat authentication process.
          JBoss Portal rely on this common feature of Tomcat to get the authentication done.

          Look at the /deploy/jboss-portal.sar/portal-server.war war to see how it is done.
          The web.xml define the authentication requierments and process.

          Then it is as any web servlet application. (that is I don't really know how to... ;-)

          Look also at the login.jsp in this war.
          It is in the form of this jsp (called by tomcat, not by the portal) that the password is sent back to the server.
          You may find a way to retrieve the password...