[gatein-commits] gatein SVN: r7692 - in epp/docs/branches/5.2/Reference_Guide/en-US: extras/Authentication_Identity_SSO and 5 other directories.
do-not-reply at jboss.org
do-not-reply at jboss.org
Sun Oct 9 21:24:38 EDT 2011
Author: smumford
Date: 2011-10-09 21:24:38 -0400 (Sun, 09 Oct 2011)
New Revision: 7692
Modified:
epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default109.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default128.xml
epp/docs/branches/5.2/Reference_Guide/en-US/images/Advanced/Foundations/PortalContainers.png
epp/docs/branches/5.2/Reference_Guide/en-US/images/PortalDevelopment/Skinning/leftMarginPattern.png
epp/docs/branches/5.2/Reference_Guide/en-US/images/PortletDevelopment/Standard/SpecPortalDef.png
epp/docs/branches/5.2/Reference_Guide/en-US/images/PortletDevelopment/Standard/jsp_portlet/process.png
epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
Edits to new JCR1.14 content and updated images
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Book_Info.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -9,7 +9,7 @@
<productname>JBoss Enterprise Portal Platform</productname>
<productnumber>5.2</productnumber>
<edition>5.2.0</edition>
- <pubsnumber>5</pubsnumber>
+ <pubsnumber>6</pubsnumber>
<abstract>
<para>
This Reference Guide is a high-level usage document. It deals with more advanced topics than the Installation and User Guides, adding new content or taking concepts discussed in the earlier documents further. It aims to provide supporting documentation for advanced users of the JBoss Enterprise Portal Platform product. Its primary focus is on advanced use of the product and it assumes an intermediate or advanced knowledge of the technology and terms.
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/Revision_History.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -8,6 +8,20 @@
<simpara>
<revhistory>
<revision>
+ <revnumber>5.2.0-6</revnumber>
+ <date>Wed Oct 5 2011</date>
+ <author>
+ <firstname>Scott</firstname>
+ <surname>Mumford</surname>
+ <email></email>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>Updated SSO section with changes from GateIn r7620 and r7647.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>5.2.0-5</revnumber>
<date>Wed Sep 14 2011</date>
<author>
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default109.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default109.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default109.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -1,30 +1,58 @@
<filter>
- <filter-name>LoginRedirectFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <!-- If casRenewTicket param value of InitiateLoginServlet is: not specified or false -->
- <param-value>http://localhost:8888/cas/login?service=http://localhost:8080/portal/private/classic</param-value>
- <!-- If casRenewTicket param value of InitiateLoginServlet is : true -->
- <!-- <param-value>http://localhost:8888/cas/login?service=http://localhost:8080/portal/private/classic&renew=true</param-value> -->
- </init-param>
- </filter>
- <filter>
- <filter-name>CASLogoutFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.CASLogoutFilter</filter-class>
- <init-param>
- <!-- This should point to your JOSSO authentication server -->
- <param-name>LOGOUT_URL</param-name>
- <param-value>http://localhost:8888/cas/logout</param-value>
- </init-param>
- </filter>
- <!-- Mapping the filters at the very top of the filter chain -->
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>CASLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
\ No newline at end of file
+ <filter-name>LoginRedirectFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <!-- If casRenewTicket param value of InitiateLoginServlet is: not specified or false -->
+ <param-value>http://localhost:8888/cas/login?service=
+ http://localhost:8080/portal/initiatessologin</param-value>
+ <!-- If casRenewTicket param value of InitiateLoginServlet is : true -->
+ <!-- <param-value>http://localhost:8888/cas/login?
+ service=http://localhost:8080/portal/initiatessologin&renew=true</param-value>
+ -->
+ </init-param>
+ </filter>
+ <filter>
+ <filter-name>CASLogoutFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.CASLogoutFilter</filter-class>
+ <init-param>
+ <!-- This should point to your JOSSO authentication server -->
+ <param-name>LOGOUT_URL</param-name>
+ <param-value>http://localhost:8888/cas/logout</param-value>
+ </init-param>
+ </filter>
+ <filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/cas</param-value>
+ </init-param>
+ <init-param>
+ <param-name>casRenewTicket</param-name>
+ <param-value>false</param-value>
+ </init-param>
+ <init-param>
+ <param-name>casServiceUrl</param-name>
+ <param-value>http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+ </filter>
+
+ <!-- Mapping the filters at the very top of the filter chain -->
+ <filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+ <filter-mapping>
+ <filter-name>CASLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+ <filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
+ </filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default115.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -1,27 +1,44 @@
<filter>
- <filter-name>LoginRedirectFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/private/classic</param-value>
- </init-param>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <param-value>http://localhost:8888/josso/signon/login.do?
+ josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
</filter>
<filter>
- <filter-name>JOSSOLogoutFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
- <init-param>
- <!-- This should point to your JOSSO authentication server -->
- <param-name>LOGOUT_URL</param-name>
- <param-value>http://localhost:8888/josso/signon/logout.do</param-value>
- </init-param>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
+ <init-param>
+ <!-- This should point to your JOSSO authentication server -->
+ <param-name>LOGOUT_URL</param-name>
+ <param-value>http://localhost:8888/josso/signon/logout.do</param-value>
+ </init-param>
</filter>
+ <filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>http://localhost:8888/josso/signon/login.do</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+ </filter>
<!-- filters should be placed at the very top of the filter chain -->
<filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
- <filter-name>JOSSOLogoutFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <filter-name>JOSSOLogoutFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+ </filter-mapping>
+ <filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
</filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default122.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -1,27 +1,49 @@
<filter>
<filter-name>LoginRedirectFilter</filter-name>
<filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Login?realm=gatein&amp;goto=http://localhost:8080/portal/private/classic</param-value>
- </init-param>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <param-value>http://localhost:8888/opensso/UI/Login?
+ realm=gatein&goto=http://localhost:8080/portal/initiatessologin</param-value>
+ </init-param>
</filter>
- <filter>
- <filter-name>OpenSSOLogoutFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
- <init-param>
- <!-- This should point to your OpenSSO authentication server -->
- <param-name>LOGOUT_URL</param-name>
- <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
- </init-param>
- </filter>
+ <filter>
+ <filter-name>OpenSSOLogoutFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.OpenSSOLogoutFilter</filter-class>
+ <init-param>
+ <!-- This should point to your OpenSSO authentication server -->
+ <param-name>LOGOUT_URL</param-name>
+ <param-value>http://localhost:8888/opensso/UI/Logout</param-value>
+ </init-param>
+ </filter>
+ <filter>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
+ <init-param>
+ <param-name>ssoServerUrl</param-name>
+ <param-value>hhttp://localhost:8888/opensso</param-value>
+ </init-param>
+ <init-param>
+ <param-name>loginUrl</param-name>
+ <param-value>http://localhost:8080/portal/dologin</param-value>
+ </init-param>
+ <init-param>
+ <param-name>ssoCookieName</param-name>
+ <param-value>iPlanetDirectoryPro</param-value>
+ </init-param>
+ </filter>
+
<!-- place the filters at the top of the filter chain -->
<filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
<filter-name>OpenSSOLogoutFilter</filter-name>
<url-pattern>/*</url-pattern>
+ </filter-mapping>
+ <filter-mapping>
+ <filter-name>InitiateLoginFilter</filter-name>
+ <url-pattern>/initiatessologin</url-pattern>
</filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default128.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default128.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/extras/Authentication_Identity_SSO/default128.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -1,20 +1,13 @@
- <filter>
- <filter-name>LoginRedirectFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
- <init-param>
- <!-- This should point to your SSO authentication server -->
- <param-name>LOGIN_URL</param-name>
- <param-value>/portal/private/classic</param-value>
- </filter>
- <filter>
- <filter-name>SPNEGOFilter</filter-name>
- <filter-class>org.gatein.sso.agent.filter.SPNEGOFilter</filter-class>
- </filter>
- <filter-mapping>
- <filter-name>LoginRedirectFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
- <filter-mapping>
- <filter-name>SPNEGOFilter</filter-name>
- <url-pattern>/*</url-pattern>
- </filter-mapping>
\ No newline at end of file
+<filter>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
+ <init-param>
+ <!-- This should point to your SSO authentication server -->
+ <param-name>LOGIN_URL</param-name>
+ <param-value>/portal/private/classic</param-value>
+ </init-param>
+</filter>
+<filter-mapping>
+ <filter-name>LoginRedirectFilter</filter-name>
+ <url-pattern>/*</url-pattern>
+</filter-mapping>
\ No newline at end of file
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/images/Advanced/Foundations/PortalContainers.png
===================================================================
(Binary files differ)
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/images/PortalDevelopment/Skinning/leftMarginPattern.png
===================================================================
(Binary files differ)
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/images/PortletDevelopment/Standard/SpecPortalDef.png
===================================================================
(Binary files differ)
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/images/PortletDevelopment/Standard/jsp_portlet/process.png
===================================================================
(Binary files differ)
Modified: epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
--- epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-10-10 01:23:11 UTC (rev 7691)
+++ epp/docs/branches/5.2/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2011-10-10 01:24:38 UTC (rev 7692)
@@ -4,7 +4,7 @@
%BOOK_ENTITIES;
]>
<section id="sect-Reference_Guide-SSO_Single_Sign_On">
- <title>SSO - Single Sign On</title>
+ <title><remark>SSO - Single Sign On</remark></title>
<section id="sect-Reference_Guide-SSO_Single_Sign_On-Overview">
<title>Overview</title>
<para>
@@ -461,18 +461,38 @@
<para>
Tomcat should start without issue and should be accessible at <ulink type="http" url="http://localhost:8888/cas">http://localhost:8888/cas</ulink>.
</para>
- <note>
+ <!--Removed in gatein commit r7620:
+ <note>
<para>
At this stage the login functionality will not be available.
</para>
- </note>
- <mediaobject>
+
+ </note>-->
+ <mediaobject>
<imageobject>
<imagedata fileref="images/AuthenticationAndIdentity/SSO/cas.png" format="PNG" scale="100" width="444" />
</imageobject>
+
</mediaobject>
+
</step>
</procedure>
+ <!--Added in gatein commit r7620 -->
+ <note>
+ <remark>Added in gatein commit r7620</remark>
+ <para>
+ By default on logout the CAS server will display the CAS logout page with a link to return to the portal. To make the CAS server redirect to the portal page after a logout, modify the
+ <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the follow line :
+ </para>
+<programlisting>
+<bean id="logoutController" class="org.jasig.cas.web.LogoutController"
+ p:centralAuthenticationService-ref="centralAuthenticationService"
+ p:logoutView="casLogoutView"
+ p:warnCookieGenerator-ref="warnCookieGenerator"
+ p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
+ p:followServiceRedirects="true"/>
+</programlisting>
+ </note>
<procedure id="proc-Reference_Guide-CAS_Central_Authentication_Service-Setup_the_CAS_client">
<title>Setup the CAS client</title>
@@ -543,15 +563,16 @@
<para>
Add the following Filters at the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
+<remark>DOC NOTE: Please check code sample as updated according to gatein r7620</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default109.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
<step>
- <para>
- Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
- </para>
-
+ <remark> This step removed in gatein r7620. Should it be removed here?</remark>
+ <para>
+ Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
+ </para>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default110.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
+
</step>
</procedure>
@@ -709,10 +730,11 @@
<para>
Add the following Filters to the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
+<remark>DOC NOTE: Please check code sample as updated according to gatein r7647</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default115.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
<step>
+ <remark> This step removed in gatein r7647. Should it be removed here?</remark>
<para>
Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
</para>
@@ -742,16 +764,17 @@
</para>
<procedure id="proc-Reference_Guide-OpenSSO_The_Open_Web_SSO_project-Obtaining_OpenSSO">
<title>Obtaining OpenSSO</title>
- <step>
+ <step>
<para>
- Download OpenSSO from <ulink type="http" url="https://opensso.dev.java.net/public/use/index.html">https://opensso.dev.java.net/public/use/index.html</ulink>.
+ OpenSSO must be purchased from Oracle.
</para>
+
</step>
- <step>
+ <!--<step>
<para>
Extract the package into a suitable location. This location will be referred to as <filename>OPENSSO_HOME</filename> in this example.
</para>
- </step>
+ </step>-->
</procedure>
<para>
@@ -1009,10 +1032,11 @@
<para>
Add the following Filters to the top of the filter chain in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
</para>
-
+<remark>DOC NOTE: Please check code sample as updated according to gatein r7620</remark>
<programlisting language="XML" role="XML"><xi:include href="../../extras/Authentication_Identity_SSO/default122.xml" parse="text" xmlns:xi="http://www.w3.org/2001/XInclude" /></programlisting>
</step>
<step>
+ <remark> This step removed in gatein r7647. Should it be removed here?</remark>
<para>
Replace the <literal>InitiateLoginServlet</literal> declaration in <filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename> with:
</para>
More information about the gatein-commits
mailing list