views:

42

answers:

1

Setup

  • JBoss using LdapExtLoginModule to auth to Microsoft ADAM (Lightweight Directory Server)

  • Drupal using ldap_integration module to auth to the same Microsoft ADAM above

  • Url within JBoss realm that requires user to auth (again) using HTTP Basic Auth



Use Case

  • User logs in to Drupal , auth'ed by ADAM. At this point Drupal only knows the username (password is stored in Microsoft ADAM/LDAP)
  • User accesses secured URL within JBoss realm, and browser prompts for username and password. At this point we'd avoid the login prompt but how ? Is there a way to link JBoss and Drupal session?


Hacky solution:

  • Remember the password that user entered into the password textbox while logging in to Drupal and use this to authenticate later.

Is there any better solution, maybe by introducing another security layer or something else?

+1  A: 

Your hacky solution certainly seems to be the easiest. Have you looked into CAS?

http://drupal.org/project/cas

http://www.jasig.org/cas

Andrew Sledge
@Andrew Yes I looked into CAS, and at this point I am not sure whether we want to install another app to control security/single-sign-on. Do you know if the LdapExtLoginModule for JBoss can use digest auth for authentication? http://community.jboss.org/thread/157672
portoalet