I'm looking for a way to create custom authentication and authorization without the use of additional libraries such as Spring. Our current need is to look for a portal authentication cookie and validate it, then search a database for what the user is authorized to do. If validation fails, we need to forward the user on to our application portal.
Of course as soon as I get this working, there is a high likelihood we will change our authentication to a different system, so I need to keep it straight-forward and simple. Nothing here is so important that we need high level security and hack prevention with the authentication.
There is no username and password, only a cookie (single sign on from our portal), and no login page sense our portal handles it all. Can someone point me in the right direction? Either point me to a class/interface or to a book/website. Worst case scenario, I create a filter that upon passing authentication will pass processing onto Wicket's default filter. Of course kludge something together for authorization.
All assistance is appreciated.
Jim
Of course as soon as I get this working, there is a high likelihood we will change our authentication to a different system, so I need to keep it straight-forward and simple. Nothing here is so important that we need high level security and hack prevention with the authentication.
There is no username and password, only a cookie (single sign on from our portal), and no login page sense our portal handles it all. Can someone point me in the right direction? Either point me to a class/interface or to a book/website. Worst case scenario, I create a filter that upon passing authentication will pass processing onto Wicket's default filter. Of course kludge something together for authorization.
All assistance is appreciated.
Jim