Custom authentication and extending the login.jsp element.

[PARDEE, MARTIN (MARTIN)]

Scott,

Thanks, but tracking down developers from a defunct company to ask questions about a design issue that is more than a decade old doesn't seem like a productive use of my time :)  I'll check out the RemoteUser and ExternalAuth options as you suggest.

I just responded to Paul concerning the control passing issue. If I want to invoke my own version of login.jsp, how do I account for the fact that login is using j_secutiry_check to (somehow) get me back to a second call of my servlet, this time with j_username (or whatever) populated by that jsp?

Martin



-----Original Message-----
From: users-bounces at shibboleth.net [mailto:users-bounces at shibboleth.net] On Behalf Of Cantor, Scott
Sent: Friday, August 31, 2012 11:45 AM
To: Shib Users
Subject: Re: Custom authentication and extending the login.jsp element.

On 8/31/12 11:35 AM, "PARDEE, MARTIN  (MARTIN)" <mlp at research.att.com>
wrote:
>
>That seems consistent with what I see, I just didn't want to have to 
>package my entire authentication app into idp.war.  I am sure you'll 
>understand the desire to keep things separated into components.

You would probably want to take that up with the people at Sun that screwed up the Java + web equation so horribly.

If you don't want to do it inside the system, then look at the RemoteUser or ExternalAuth options.

>Can you tell me how one should "send control back to Shibboleth"?

Look at the existing servlet that's in the User/Pass handler. You call an API to return to the authentication engine after setting some attributes with the information to return with.

>I am uncertain of how login.jsp does this.

It doesn't, the servlet does.

-- Scott

--
To unsubscribe from this list send an email to users-unsubscribe at shibboleth.net