I'm trying to integrate Picketlink IDP SSO between my web applications.
Today, the application is based on GWT (Google Web Toolkit). The user browses to http://host/myapp, and he gets a customized login page, enters the username and password, selects a domain (as we support multiple domains at the same time), and then he logs in.
I got to a point that things are working with picketlink, with a simple login page (taken from the basic picketlink webapp examples).
In the username field I entered username@domain, and in the password field the password.
Now that the POC is working, I would like to understand how to use the same login page I have today in my application, and integrate it with Picketlink.
Having just a simple screen with username+password is not enough, as I would like to show the user a list of domains, let him choose a domain, and base the authentication process on it.
Also, I would like to keep a standard of the UI in my application, so I would like the look and feel of the login page to match the other components and webapps of my enterprise application.
What are my options to do that?
Today, in the web.xml file, I just have:
<realm-name>PicketLink IDP Application</realm-name>
Basically you are not going to use the Servlet spec mandated auth types (Basic, CLIENT-CERT, digest, form). What you wish to do can be done, but you will need a new set of Tomcat authenticators. The PL authenticators extend the Tomcat FormAuthenticator.