1 Reply Latest reply on Mar 9, 2003 3:54 PM by petertje

    How does Jetty associate a Subject w/ the HttpServletRequest

    oz59 Mar 8, 2003 10:28 PM

      I've got Subjects stored in a collection in my server that were created through means other than a web authentication (they are created via SOAP or RMI). How can I "set" them in Jetty so the HttpServletRequest's getUserPrincipal() and isUserInRole(String role) methods can be used properly? Just for some background info, I'm attempting this approach to enable single sign-on where the login point is from a standalone application.

      Thought putting the Subject in the HttpSession using j_subject as the key (as configured in jboss-service.xml) would do the trick. Not so.

      Please, please, please. Anyone give me some insight as to how this might work - I've gone through the "for-pay" docs tens of times and can't find an answer...

      • 1943 Views
      • Tags:
        • 1. Re: How does Jetty associate a Subject w/ the HttpServletReq
          petertje Mar 9, 2003 3:54 PM (in response to oz59)

          Writing you're own custom login module is probably the most simple (and elegant) solution. This would not do any real authentication in your case, but just associate the proper principals with the request/session. Assuming you are using web-based security btw.
          I think there is rather some explanation on writing a login module in the for-pay docs...

          Hth
          Peter

            • Actions