*
The moose likes Websphere and the fly likes Websphere Security Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Android Security Essentials Live Lessons this week in the Android forum!
JavaRanch » Java Forums » Products » Websphere
Bookmark "Websphere Security" Watch "Websphere Security" New topic
Author

Websphere Security

Priya Dasu
Greenhorn

Joined: Nov 19, 2003
Posts: 6
Consider this scenario. User logs into site A which authenticates the user. From site A there is a link to Site B clicking on which site A passes the credentials to B. Site B is a struts application running on websphere 5.0. It needs to get the entitlements for the user from an XML file. If my scope starts only from Site B, and i need to take care only of the authorization how do i do so?Also Single Sign On needs to be incorporated between both the applications.
1. Do i use JAAS? If i use JAAS, can i use it only for authorization without using it for authentication. As far as i know, i don't think this is possible. If i am right is there an alternative in JAAS?
2. Is there a way by which i can use WAS Security?
Which is the best way to go about implementing this?
Thanks,
Priya
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Websphere Security
 
Similar Threads
Why JAAS ?
A Question for JBoss at Work Authors
Websphere Security
JAAS and instance based authorisation
Authorization Using Application server