JBoss CAS integration
At my customer we have a legacy application that used to authenticate to JBoss 4.2.3 via the web container security module in web xml over form based authentication. In our EJBs we restrict the access to method using permissions.
Now we need to throw away the web based authentication and start using a CAS server (external).
When we disabled the security constrain in the web.xml we get error from EJBs (as expected) but we do not know how to inject the principals and workaround the authentication.
The questions are:
- Do we have somewhere a documented procedure/example to integrate CAS and JBoss (in the jboss site I found only stuff about JBoss portal which is irrelevant.
- Do we have an example on how we can inject principal in a programmatic manner
Thanks
Comments
I found this link never test it
http://www.ja-sig.org/wiki/display/CASUM/SPNEGO
About login to jaas there is few why
1. you can change your service locator to do login
2. use client login
http://www.jboss.org/community/wiki/ClientLoginModule
import javax.security.auth.login.LoginContext; import org.jboss.security.auth.callback.UsernamePasswordHandler; void runAsUser(String username, String password) { UsernamePasswordHandler handler = new UsernamePasswordHandler(username, password); LoginContext lc = new LoginContext("client-login", handler); lc.login(); // Any calls to secured resources now use the username/password identity ... // Clear and restore the previous identity lc.logout(); }These might be helpful:
http://wiki.alfresco.com/wiki/Central_Authentication_Service_Configuration
http://www.ja-sig.org/wiki/display/CASUM/Demo