From: Scott Prater <pra...@wisc.edu>Date: January 20, 2011 11:49:55 CSTTo: SCOTT J BUCKINGHAM <sjbuck...@doit.wisc.edu>, KEITH D HAZELTON <haze...@wisc.edu>, Bradley Schwoerer <schw...@doit.wisc.edu>Subject: Shibboleth2 and web application JAAS?Do any of you have any experience, or know of anyone in DoIT, who has worked with JAAS in a web application that is fronted by Shibboleth2 authnz?
I'm playing with our Fedora repository, and it has a new, semi-experimental JAAS module that can be configured to handle authnz for access to repository objects. The only references I'm finding to integrating Shibboleth and JAAS from a consuming application's POV, though, are to the SPIEE project, last updated in 2006, using Tomcat 5.5 and Shibboleth 1.3. I'm thinking there has to be more recent work done.
Thanks in advance,
-- Scott
--
Scott Prater
Library, Instructional, and Research Applications (LIRA)
Division of Information Technology (DoIT)
University of Wisconsin - Madison
pra...@wisc.edu
> We're not using any JAAS - straight shib and fedora. This link
> should explain it all. But I'm more than happy to answer any other
> questions.
>https://wiki.brown.edu/confluence/display/bipg/shibboleth+fedora+authentication
>
> -Mike
Michael Park (CC'ed on this msg) did the work and is willing to answer
questions.
On 1/20/11 4:07 PM, Keith Hazelton wrote:
> Advice for our colleague here at Madison? --Keith
>
> Begin forwarded message:
>
>> *From: *Scott Prater <pra...@wisc.edu <mailto:pra...@wisc.edu>>
>> *Date: *January 20, 2011 11:49:55 CST
>> *To: *SCOTT J BUCKINGHAM <sjbuck...@doit.wisc.edu
>> <mailto:sjbuck...@doit.wisc.edu>>, KEITH D HAZELTON
>> <haze...@wisc.edu <mailto:haze...@wisc.edu>>, Bradley Schwoerer
>> <schw...@doit.wisc.edu <mailto:schw...@doit.wisc.edu>>
>> *Subject: **Shibboleth2 and web application JAAS?*
>>
>> Do any of you have any experience, or know of anyone in DoIT, who has
>> worked with JAAS in a web application that is fronted by Shibboleth2
>> authnz?
>>
>> I'm playing with our Fedora repository, and it has a new,
>> semi-experimental JAAS module that can be configured to handle authnz
>> for access to repository objects. The only references I'm finding to
>> integrating Shibboleth and JAAS from a consuming application's POV,
>> though, are to the SPIEE project, last updated in 2006, using Tomcat
>> 5.5 and Shibboleth 1.3. I'm thinking there has to be more recent work
>> done.
>>
>> Thanks in advance,
>>
>> -- Scott
>> --
>> Scott Prater
>> Library, Instructional, and Research Applications (LIRA)
>> Division of Information Technology (DoIT)
>> University of Wisconsin - Madison
>> pra...@wisc.edu <mailto:pra...@wisc.edu>
>
My guess would be that they are either feeding the entire HTTP request
in to the JAAS context and JAAS plugins written for Fedora will need to
pull out data as necessary. Or they are expecting people to put up a
username/password form and put that information in to the JAAS context
so that standard JAAS plugins can verify them.
On 1/20/11 4:07 PM, Keith Hazelton wrote:
> Advice for our colleague here at Madison? --Keith
>
> Begin forwarded message:
>
>> *From: *Scott Prater <pra...@wisc.edu <mailto:pra...@wisc.edu>>
>> *Date: *January 20, 2011 11:49:55 CST
>> *To: *SCOTT J BUCKINGHAM <sjbuck...@doit.wisc.edu
>> <mailto:sjbuck...@doit.wisc.edu>>, KEITH D HAZELTON
>> <haze...@wisc.edu <mailto:haze...@wisc.edu>>, Bradley Schwoerer
>> <schw...@doit.wisc.edu <mailto:schw...@doit.wisc.edu>>
>> *Subject: **Shibboleth2 and web application JAAS?*
>>
>> Do any of you have any experience, or know of anyone in DoIT, who has
>> worked with JAAS in a web application that is fronted by Shibboleth2
>> authnz?
>>
>> I'm playing with our Fedora repository, and it has a new,
>> semi-experimental JAAS module that can be configured to handle authnz
>> for access to repository objects. The only references I'm finding to
>> integrating Shibboleth and JAAS from a consuming application's POV,
>> though, are to the SPIEE project, last updated in 2006, using Tomcat
>> 5.5 and Shibboleth 1.3. I'm thinking there has to be more recent work
>> done.
>>
>> Thanks in advance,
>>
>> -- Scott
>> --
>> Scott Prater
>> Library, Instructional, and Research Applications (LIRA)
>> Division of Information Technology (DoIT)
>> University of Wisconsin - Madison
>> pra...@wisc.edu <mailto:pra...@wisc.edu>
>
--
Chad La Joie
http://itumi.biz
trusted identities, delivered