This week's book giveaway is in the Agile and other Processes forum.
We're giving away four copies of The Mikado Method and have Ola Ellnestam and Daniel Brolund on-line!
See this thread for details.
The moose likes Websphere and the fly likes Websphere Security Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Products » Websphere
Reply Bookmark "Websphere Security" Watch "Websphere Security" New topic
Author

Websphere Security

Priya Dasu
Greenhorn

Joined: Nov 19, 2003
Posts: 6
posted private message
0
Quote
Consider this scenario. User logs into site A which authenticates the user. From site A there is a link to Site B clicking on which site A passes the credentials to B. Site B is a struts application running on websphere 5.0. It needs to get the entitlements for the user from an XML file. If my scope starts only from Site B, and i need to take care only of the authorization how do i do so?Also Single Sign On needs to be incorporated between both the applications.
1. Do i use JAAS? If i use JAAS, can i use it only for authorization without using it for authentication. As far as i know, i don't think this is possible. If i am right is there an alternative in JAAS?
2. Is there a way by which i can use WAS Security?
Which is the best way to go about implementing this?
Thanks,
Priya
Benny Thomas
Ranch Hand

Joined: Sep 13, 2003
Posts: 44
posted private message
0
Quote
Hi Priya,
Cant you use LTPA.
You can implement single sign on in WAS 5 using LTPA.
Benny

IBM Certified System Administrator - Websphere Application Server 5
 
I agree. Here's the link: http://zeroturnaround.com/jrebel - it saves me about five hours per week
 
subject: Websphere Security
 
Similar Threads
Authorization Using Application server
Why JAAS ?
Websphere Security
A Question for JBoss at Work Authors
JAAS and instance based authorisation