Gajendra's Blog

In order to get the complete control of undergoing process in any software application, wrappers plays a vital role.Most of the big framework like Spring, Hibernate and Jdbc have this kind of wrappers.In general you can say wrappers are the outer layer of the main object.In Spring security(Formly known as acegi security) we have request wrappers through this request wrapper acegi security decides that each incomming request has authenticate header or not? How Spring security framework does this ? this is a very simple process. Each and every HttpRequest has to pass some filters configured on some external xml files. These filters inject some information in Httprequest headers, and instead of using the main Request facade spring security uses the wrappers of the request and application will not operate untill and unless request contains the authentication tokens, In this way wrappers are providing security through out the Lifecycle of Request. A part of the web application there are s

These days i am working with some identity management technologies for secure roles and policy based authentication.I came across one almost closed project OpenSSO which is no doubt excellent.I am telling it closed because it is a open source software initiated by Sun Microsystem and inspired by Sun Access Manager.After the Sun-Oracle merger the oracle has decided to close this project and stopped all the support that Sun was providing earlier.Well the you can use this OpenSSO server for your all applicaiton server ,No matters it is tomcat,Jetty ,JBoss or any other application server.You can achieve single sign on by two ways either use the policy agent and deploy it in your applicaiton server or use the OpenSSOClientSdk . Different policy agents are available for different servers. I choosed the openssoclientsdk for my java web applicaiton.I am using tomcat 6.0 and openSSO 8.0 enterprise edition.I have integrated the spring security and the openSSO through opensso client sdk .Aft