Subject: [saml-dev] issues as to SAML implementation with BEA SSPI
Hi,

Sorry for a question about a vendor-specific issue. If you don't like it, please ignore it.

I'm developing SAML-aware authentication with BEA SSPI. My environment is WebLogic 7.0 on Windows 2K.

Now, there is an issue with implementing a servlet to accept a SAML Authentication Assertion. My SAML-acceptor servlet works as follows when it asserts the Assertion properly:

1. From httpRequest, getting the SAML Assertion sent by the POST method.
2. Constructing MyIdentityAsseter, which implements AuthenticationProvider and identityAsserter, asserting the SAML Assertion and getting a CallbackHandler.
3. Constructing a LoginContext and running the LoginContext. The LoginContext calls MyLoginModule to log in properly.
4. Getting the Subject from the loginContext.

However, I don't know how to connect the http session with the subject retrieved from the assertion. Therefore, the next request, which is on the same http session as the SAML-acceptor servlet, isn't recognized by WebLogic as a request from the authenticated subject - it doesn't make sense.

I suppose that, by using some WebLogic API, the code needs to connect the subject with the http session managed by WebLogic, but I can't find what API to use and where (in MyLoginModule, in this servlet, and so on) to call the code.

What should I do? Have I gone about this the wrong way because of a misunderstanding of BEA SSPI or JAAS?

Any suggestion is very, very helpful.

Regards,

    // this code corresponds to actions 2-4
    PilotIdentityAsserterImpl pilotIdentityAsserterImpl = new PilotIdentityAsserterImpl();
    IdentityAsserter identityAsserter = pilotIdentityAsserterImpl.getIdentityAsserter();
    Subject subject = null;
    try {
        CallbackHandler callbackHandler = identityAsserter.assertIdentity(
            PilotIdentityAsserterImpl.SAML_TYPE, samlAssertionObject);
        LoginContext loginContext = new LoginContext("Pilot", callbackHandler);
        loginContext.login();
        subject = loginContext.getSubject();
    } catch (...]
----------------------------------------------
NTT Data Corporation
Yuji Sakata
Tel: +81-3-3523-8081
E-Mail: ysakata@rd.nttdata.co.jp
----------------------------------------------