I'll be the first to admit that integration between different Microsoft server products and stuff you develop yourself on the Windows platform isn't always easy, but compared to the PAIN it is to do the same stuff on the Java/J2EE platform it's nothing!
I've been sitting for days now trying to get Vignette 7 (a Java portal server) running on top of BEA WebLogic 8.1 (J2EE app server) against an Oracle database and having Vignette running in a mixed mode with RSA ClearTrust for authentication where the ClearTrust agent is installed as an ISAPI filter on an IIS web server on another machine (for security reasons). GAHH! Forget about any nice looking configuration tools here, we're talking heavy Notepad sessions here! I spent hours and hours in Notepad, with property files and xml files all over my screen. AND THANK GOD FOR GOOGLE!
The easiest thing to get going so far has been Oracle actually. It would have been cool to use Oracle 10g with its new and easier setup, but I had to use 9.2 for now. The last thing we have to fix now is automatic login into Vignette after a successful authentication against ClearTrust. If anyone's interested (guess you're not :) I'll write another entry and let you know how things went... Man! I want to write programs, not configure Java stuff!
EDIT: Now we got automatic (Single Sign On) login into Vignette working! After some digging into readme-files and a couple of property and xml files it runs. Had to configure the realm correctly and specify the HTTP header that ClearTrust uses for setting the username of the authenticated user. Cool, the biggest problem now will be to build up a good user and group catalogue structure. This will take a long time because we're going to have lots of portal sites, lots of different roles and need distributed admin for this... :/
One sad thing we noticed was that when creating users from Vignette, they ended up properly in the ClearTrust LDAP catalogue, but were marked as private and you couldn't specify a password. Not good. May have to change Vignette config to use read-only mode against the ClearTrust LDAP. Hmmm... Perhaps it's better to move this blog-entry to a new post with a proper Post Title :D