LDEV-3275: Add SsoConsumer in LAMS Central as requests (index.jsp, index.do) immediate after j_security_check are also being authenticated. They also are considered an authentication attempt, but they bypass shared session creation in SsoProducer and it causes errors. This was addressed by a simple check - no shared session in UniversalLoginModule, no authentication attempt.
LDEV-3275: Introduce SSO using Undertow mechanisms. Valves do not exist in Undertow. Another approach had to be used. In each WAR there is a file in META-INF/service dir which adds a class in request processing chaing. For Central it is SsoProducer which put the authenticated account into shared session. All other modules use SsoConsumer which takes the account and puts it into its security context.
In standalone.xml caching of credentials was switched off as it would prevent UniversalLoginModule from putting UserDTO into shared session.
TODO: use a simple pass-all authentication mechanism for static files like images and JS files.
Loading ...