Uploaded image for project: 'Jetspeed 2 (Retired)'
  1. Jetspeed 2 (Retired)
  2. JS2-129

Single Sign-On Component

    XMLWordPrintableJSON

Details

    • New Feature
    • Status: Closed
    • Major
    • Resolution: Fixed
    • None
    • 2.0-M1
    • None
    • None
    • all

    Description

      Introduction
      ----------------
      Since a user is logged in into the portal he/she should never be asked to login again to see any content. Web portlets or IFrame portlets which refer to external (to the Web Portal) sites might be only visible after a login (if the target site requires authentication). This behavior can be annoying especially if the portal integrates different applications that all require authentication.

      Proposal
      ------------
      The J2 framework will be extended with a component (SingleSignonComponent) that does a lookup in the database to find credentials for a site (url) and a jetspeed user. The credentials could be assigned to a user, group or a role (Priority needs to be defined like User, Group, Role or better order should be customizable).

      For the first implementation two modes will be supported:

      Username/password (HTTP Post)
      --> Portlets (IFrame, Webpage) will call into SingleSignonComponent with the site (url) and the principal. The returned credentials can be used to add them as parameters to the URL

      Basic Authentication (HTTP Basic Authentication)
      --> Since many sites use Basic Authentication another API updates the request so that it uses BasicAuthentication with the credentials returned by the lookup (site, principal).

      At a later stage the SingleSignonComponent API could be extended with certificates and cookie based authentication.

      Attachments

        Activity

          People

            rogerrut Roger Ruttimann
            rogerrut Roger Ruttimann
            Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

              Created:
              Updated:
              Resolved: