|
| Hi,
My portal have to support normal (user/pass) authentication supported by WPS and more secure authentication method supported some external authentication service.
Only a few portlets are available to users that are
authenticated by user/pass-method and the rest are available to users that are authenticated by the external
service.
So I'm planning to use portlet filter to perform additional access control to few extra secure portlets in our portal.
My idea is to build a filter in front of these secure portlets that allows access to them only if user has authenticated with some external authentication service.
Authentication is verified by secure token (generated by the authentication service) in request header.
If user has not authenticated with external service filter should return a link (in the portlets view) to the authentication service.
If user chooses to authenticate with user/pass-method provided by portal he/she sees normally all the portlets that are not filtered by the filter.
For the authentication service I also need to build a TAI module for WAS to automatically authenticat/trust users authenticated in the external service.
Can you see any no-can-do in here, are there other options or is this the way to go ?
Regards,
jari
|
|