JBoss Seam - Single Sign-on

Does Seam support Single Sign-On? If yes, could that can be extended at OS level SSO? (example, users logged into windows desktop can seamlessly access seam apps without login?)

How about security handled in Seam?

Seam currently has support for OpenID and OpenSSO (http://docs.jboss.com/seam/latest/reference/en-US/html/security.html#d0e13534) support is coming. There are also many forum postings and blogs about getting OSS to work with Seam, simply Google for them

Security is actually a very strong point of Seam. Seam has its own security framework that does much more than most other web app security frameworks. It provides permission-based, and role-based access controls at the object level.

I am not sure how the OS native SSO works -- does the browser pass through some kind of security token to the web app? Can you just make the browser remember the username / password and auto-login?

example, users logged into windows desktop can seamlessly access seam apps without login

I have actually been working through this with JBoss Negotiation and Kerberos authentication. The UserPrincipal gets initialized in the web context by JBoss Negotiation and you can use this principal to auto-login the user with a custom authenticator. Your authenticator can also use the user information to retrieve the roles associated with the user or if you are using Seam 2.1 by providing a role identity store. You can also provide an identity store for fallback authentication (e.g. through LDAP or some other means) should the Kerberos authentication fail.

Thanks for the information Michael & Jacob...

Thanks Jacob.

I wonder if you have any blog talking about the jboss seam sso using jboss negotiation. I am very interested in to know how it works. Thanks.

xiaodu, please do not wake the zombies. Instead, please ask your question in a new post.