This post originated from an RSS feed registered with Java Buzz by Simon Brown. Original Post: Implementing single sign-on with a Tomcat valve Feed Title: Simon Brown's weblog Feed URL: http://www.simongbrown.com/blog/feed.xml?flavor=rss20&category=java Feed Description: My thoughts on Java, software development and technology. Latest Java Buzz Posts Latest Java Buzz Posts by Simon Brown Latest Posts From Simon Brown's weblog

The RAMBLE project are potentially looking at single sign-on as a mechanism to authenticate users of their resources, including blogs. Pebble is a J2EE web application and, instead of implementing authentication itself, Pebble delegates this to the underlying web/application server. This declarative security model means that Pebble can be used with anything from in-memory and file-based realms to database and LDAP realms without changing any code. At a high level, all of the security roles and constraints are defined in the web.xml file and only at deployment time do you choose which realm implementation will be used. Many web/app servers don't support SSO out of the box, but weaving in J2EE web applications into an existing SSO infrastructure is possible.

Read the full content here.