2 Replies Latest reply on May 19, 2008 4:45 PM by Ryan McDonough

    Seam Security without JASS using SiteMinder?

    Ryan McDonough Newbie

      I'd like to know if Seam can support handing off authentication to another system such as CA SiteMinder? My current project is using SiteMinder and the infrastructure is configured in such a way that the Web Server forwards all requests to the application server. When a user requests a protected resources, SiteMinder intercepts the request and handles the authentication activities on a completely sepatate system. In this set up, the application server does not actively participate in the authentication process until the user has been authenticated.

      I'd like to leverage Seam's security features, but I'm not sure if this is even possible with Seam given this configuration. Since this set up is not leveraging JAAS in anyway shape or form, I obviously have some challeneges. With that said, I'd like to know if it is possible to have Seam delegate to a login form that it does not manage (hence Seam is not collecting the username and password) and can determine teh autentication status by looking at the reponse by the external application?