[gatein-commits] gatein SVN: r6968 - epp/docs/branches/5.1/Reference_Guide/en-US/modules/AuthenticationAndIdentity.
do-not-reply at jboss.org
do-not-reply at jboss.org
Tue Aug 2 00:22:05 EDT 2011
Author: smumford
Date: 2011-08-02 00:22:04 -0400 (Tue, 02 Aug 2011)
New Revision: 6968
Modified:
epp/docs/branches/5.1/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
JBEPP-894:Added Enabling SSO valve section.
Modified: epp/docs/branches/5.1/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
--- epp/docs/branches/5.1/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-08-01 21:47:46 UTC (rev 6967)
+++ epp/docs/branches/5.1/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-08-02 04:22:04 UTC (rev 6968)
@@ -60,7 +60,149 @@
</warning>
</section>
-
+ <section>
+ <title><remark>Enabling SSO using JBoss SSO valve</remark></title>
+<!-- Source Metadata
+URL: https://issues.jboss.org/browse/JBQA-4530
+Author [w/email]: Marek Posolda (mposolda at redhat.com)
+
+URL: http://community.jboss.org/wiki/JBossWebSingleSignOn
+Author [w/email]: Brian Stansberry (bstansberry at jboss.com)
+
+URL: https://issues.jboss.org/browse/JBEPP-615
+Author [w/email]: Marek Posolda (mposolda at redhat.com)
+-->
+ <para>
+ To successfully implement SSO integration, do the following:
+ </para>
+ <procedure>
+ <title>SSO Integration</title>
+ <step>
+ <para>
+ Open the <filename><replaceable><JBOSS_HOME></replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/jmx-console.war/WEB-INF/web.xml</filename> file and ensure the following lines are present and unaltered:
+ </para>
+
+<programlisting language="XML" role="XML"><![CDATA[<security-constraint>
+ <web-resource-collection>
+ <web-resource-name>HtmlAdaptor</web-resource-name>
+ <description>An example security config that only allows users with the
+ role JBossAdmin to access the HTML JMX console web application
+ </description>
+ <url-pattern>/*</url-pattern>
+ </web-resource-collection>
+ <auth-constraint>
+ <role-name>JBossAdmin</role-name>
+ </auth-constraint>
+</security-constraint>
+
+<login-config>
+ <auth-method>BASIC</auth-method>
+ <realm-name>JBoss JMX Console</realm-name>
+</login-config>
+
+<security-role>
+ <role-name>JBossAdmin</role-name>
+</security-role>
+]]></programlisting>
+ </step>
+ <step>
+ <para>
+ Open the <filename>/<replaceable><JBOSS_HOME></replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/jbossweb.sar/server.xml</filename> file and uncomment one of the two <parameter>Valve</parameter> entries:
+ </para>
+ <itemizedlist>
+ <listitem>
+ <para>
+ For a <emphasis>non-clustered</emphasis> implementation, uncomment:
+ </para>
+
+<programlisting language="XML" role="XML"><![CDATA[<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
+]]></programlisting>
+ </listitem>
+ <listitem>
+ <para>
+ For a <emphasis>clustered</emphasis> implementation, uncomment:
+ </para>
+
+<programlisting language="XML" role="XML"><![CDATA[<Valve className="org.jboss.web.tomcat.service.sso.ClusteredSingleSignOn" />
+]]></programlisting>
+ </listitem>
+ </itemizedlist>
+ </step>
+ <step>
+ <para>
+ To integrate with the JBoss SSO valve, follow <emphasis role="bold">one</emphasis> of the procedures below to make the necessary configuration changes in the Java Authentication and Authorization Service (<emphasis role="bold">JAAS</emphasis>):
+ </para>
+ <itemizedlist>
+ <listitem>
+ <procedure>
+ <title>Call the JAAS authentication directly</title>
+ <step>
+ <para>
+ Open the <filename>/<replaceable><JBOSS_HOME></replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/login/jsp/login.jsp</filename> file.
+ </para>
+ </step>
+ <step>
+ <para>
+ Change the line that reads:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<form name="loginForm" action="<%= contextPath + "/login"%>" method="post" style="margin: 0px;">
+]]></programlisting>
+ <para>
+ to read:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<form name="loginForm" action="<%= contextPath + "/private/j_security_check"%>" method="post" style="margin: 0px;">
+]]></programlisting>
+ </step>
+ <step>
+ <para>
+ Change the line that reads:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<td><input class="UserName" name="username" value="<%=username%>"/></td>
+]]></programlisting>
+ <para>
+ to read:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<td><input class="UserName" name="j_username" value="<%=username%>"/></td>
+]]></programlisting>
+ </step>
+ <step>
+ <para>
+ Change the line that reads:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<td><input class="Password" type="password" name="password" value=""/></td>
+]]></programlisting>
+
+ <para>
+ to read:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<td><input class="Password" type="password" name="j_password" value=""/></td>
+]]></programlisting>
+ </step>
+ </procedure>
+ </listitem>
+ <listitem>
+ <procedure>
+ <title>Switch to <emphasis role="bold">BASIC</emphasis> authentication</title>
+ <step>
+ <para>
+ Change the <parameter>auth-method</parameter> element in <filename><replaceable><JBOSS_HOME></replaceable>/server/<replaceable><PROFILE></replaceable>/deploy/gatein.ear/02portal.war/WEB-INF/web.xml</filename> from <parameter>FORM</parameter> to <parameter>BASIC</parameter>:
+ </para>
+<programlisting language="XML" role="XML"><![CDATA[<login-config>
+<auth-method>BASIC</auth-method>
+<realm-name>gatein-domain</realm-name>
+<form-login-config>
+ <form-login-page>/initiatelogin</form-login-page>
+ <form-error-page>/errorlogin</form-error-page>
+</form-login-config>
+]]></programlisting>
+ </step>
+ </procedure>
+ </listitem>
+ </itemizedlist>
+ </step>
+ </procedure>
+ </section>
+
<section id="sect-Reference_Guide-SSO_Single_Sign_On-CAS_Central_Authentication_Service">
<title>CAS - Central Authentication Service</title>
<para>
@@ -113,7 +255,7 @@
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default102.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
<para>
- ...with the following:
+ with:
</para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default103.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
More information about the gatein-commits
mailing list