2 Replies Latest reply on Apr 10, 2002 8:48 AM by Rick Hall

    JAAS authentication using Kerberos or Certificates

    Per-Ivar Bakke Newbie


      I have recently started to use/evaluate JBoss and found the support for JAAS-based security to be well documented and working exactly according to the documentation.

      However, our project would require several different authentication schemas based on:
      - User name and password (for Web access)
      - Client certificate (for B2B services)
      - Some sort of Single-Sign-On (Kerberos?) for SSO between applications

      Furthermore, after the clients are authenticated, we would require role-based authorization similar to what is demonstrated in the JBoss JAAS example (with users and roles in a database).

      Now to my question:
      1) Is there a simple way of authenticating clients using certificates, mapping the certificate to a user defined in a database, and getting authorization based on roles defined for the user?
      2) Similar question as above using some sort of Kerberos login module?
      3) What would I need to write myself, and what is supported by JBoss?

      If it makes any difference, we would like to run a Tomcat Web server on a different machine than the JBoss application server.