LDAP JBoss and Drupal authentication

1
votes

Setup

  • JBoss using LdapExtLoginModule to auth to Microsoft ADAM (Lightweight Directory Server)

  • Drupal using ldap_integration module to auth to the same Microsoft ADAM above

  • Url within JBoss realm that requires user to auth (again) using HTTP Basic Auth



Use Case

  • User logs in to Drupal , auth'ed by ADAM. At this point Drupal only knows the username (password is stored in Microsoft ADAM/LDAP)
  • User accesses secured URL within JBoss realm, and browser prompts for username and password. At this point we'd avoid the login prompt but how ? Is there a way to link JBoss and Drupal session?


Hacky solution:

  • Remember the password that user entered into the password textbox while logging in to Drupal and use this to authenticate later.

Is there any better solution, maybe by introducing another security layer or something else?

1
drupalauthenticationjbossldapbasic-authentication

1 Answers

1
votes

Your hacky solution certainly seems to be the easiest. Have you looked into CAS?

http://drupal.org/project/cas

http://www.jasig.org/cas