[jboss-cvs] Repository SVN: r1203 - in jboss-portal/modules/identity/1.0.0-SNAPSHOT: resources and 1 other directory.
jboss-cvs-commits at lists.jboss.org
jboss-cvs-commits at lists.jboss.org
Tue Sep 4 18:26:58 EDT 2007
Author: bdaw
Date: 2007-09-04 18:26:57 -0400 (Tue, 04 Sep 2007)
New Revision: 1203
Removed:
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_context.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_deployerConfigContext.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_context.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_error.jsp
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-agent-config.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-config.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-gateway-config.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login-config.xml
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login.jsp
jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_server.xml
Modified:
jboss-portal/modules/identity/1.0.0-SNAPSHOT/component-info.xml
Log:
rollback sso config files
Modified: jboss-portal/modules/identity/1.0.0-SNAPSHOT/component-info.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/component-info.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/component-info.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -14,18 +14,6 @@
<!--dtd-->
<artifact id="identity-config_2_6.dtd"/>
<artifact id="profile-config_2_6.dtd"/>
- <!--SSO - CAS config-->
- <artifact id="cas_context.xml"/>
- <artifact id="cas_deployerConfigContext.xml"/>
- <!--SSO - JOSSO config-->
- <artifact id="josso_context.xml"/>
- <!--<artifact id="josso_error.jsp"/>-->
- <artifact id="josso_josso-agent-config.xml"/>
- <artifact id="josso_josso-config.xml"/>
- <artifact id="josso_josso-gateway-config.xml"/>
- <artifact id="josso_login-config.xml"/>
- <!--<artifact id="josso_login.jsp"/>-->
- <artifact id="josso_server.xml"/>
<export>
<include input="portal-identity-lib.jar"/>
<include input="portal-identity-sso-lib.jar"/>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_context.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_context.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_context.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,9 +0,0 @@
-<?xml version="1.0"?>
-<Context>
- <Valve className="org.jboss.portal.identity.auth.CASAuthenticationValve"
- casLogin="https://localhost:8080/cas/login"
- casValidate="https://localhost:8080/cas/serviceValidate"
- casServerName="localhost"
- authType="FORM"
- />
-</Context>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_deployerConfigContext.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_deployerConfigContext.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/cas_deployerConfigContext.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,98 +0,0 @@
-<?xml version="1.0" encoding="UTF-8"?>
-<!DOCTYPE beans PUBLIC "-//SPRING//DTD BEAN//EN" "http://www.springframework.org/dtd/spring-beans.dtd">
-<!--
- | deployerConfigContext.xml centralizes into one file some of the declarative configuration that
- | all CAS deployers will need to modify.
- |
- | This file declares some of the Spring-managed JavaBeans that make up a CAS deployment.
- | The beans declared in this file are instantiated at context initialization time by the Spring
- | ContextLoaderListener declared in web.xml. It finds this file because this
- | file is among those declared in the context parameter "contextConfigLocation".
- |
- | By far the most common change you will need to make in this file is to change the last bean
- | declaration to replace the default SimpleTestUsernamePasswordAuthenticationHandler with
- | one implementing your approach for authenticating usernames and passwords.
- +-->
-<beans>
- <!--
- | This bean declares our AuthenticationManager. The CentralAuthenticationService service bean
- | declared in applicationContext.xml picks up this AuthenticationManager by reference to its id,
- | "authenticationManager". Most deployers will be able to use the default AuthenticationManager
- | implementation and so do not need to change the class of this bean. We include the whole
- | AuthenticationManager here in the userConfigContext.xml so that you can see the things you will
- | need to change in context.
- +-->
- <bean id="authenticationManager"
- class="org.jasig.cas.authentication.AuthenticationManagerImpl">
- <!--
- | This is the List of CredentialToPrincipalResolvers that identify what Principal is trying to authenticate.
- | The AuthenticationManagerImpl considers them in order, finding a CredentialToPrincipalResolver which
- | supports the presented credentials.
- |
- | AuthenticationManagerImpl uses these resolvers for two purposes. First, it uses them to identify the Principal
- | attempting to authenticate to CAS /login . In the default configuration, it is the DefaultCredentialsToPrincipalResolver
- | that fills this role. If you are using some other kind of credentials than UsernamePasswordCredentials, you will need to replace
- | DefaultCredentialsToPrincipalResolver with a CredentialsToPrincipalResolver that supports the credentials you are
- | using.
- |
- | Second, AuthenticationManagerImpl uses these resolvers to identify a service requesting a proxy granting ticket.
- | In the default configuration, it is the HttpBasedServiceCredentialsToPrincipalResolver that serves this purpose.
- | You will need to change this list if you are identifying services by something more or other than their callback URL.
- +-->
- <property name="credentialsToPrincipalResolvers">
- <list>
- <!--
- | UsernamePasswordCredentialsToPrincipalResolver supports the UsernamePasswordCredentials that we use for /login
- | by default and produces SimplePrincipal instances conveying the username from the credentials.
- |
- | If you've changed your LoginFormAction to use credentials other than UsernamePasswordCredentials then you will also
- | need to change this bean declaration (or add additional declarations) to declare a CredentialsToPrincipalResolver that supports the
- | Credentials you are using.
- +-->
- <bean
- class="org.jasig.cas.authentication.principal.UsernamePasswordCredentialsToPrincipalResolver" />
- <!--
- | HttpBasedServiceCredentialsToPrincipalResolver supports HttpBasedCredentials. It supports the CAS 2.0 approach of
- | authenticating services by SSL callback, extracting the callback URL from the Credentials and representing it as a
- | SimpleService identified by that callback URL.
- |
- | If you are representing services by something more or other than an HTTPS URL whereat they are able to
- | receive a proxy callback, you will need to change this bean declaration (or add additional declarations).
- +-->
- <bean
- class="org.jasig.cas.authentication.principal.HttpBasedServiceCredentialsToPrincipalResolver" />
- </list>
- </property>
-
- <!--
- | Whereas CredentialsToPrincipalResolvers identify who it is some Credentials might authenticate,
- | AuthenticationHandlers actually authenticate credentials. Here we declare the AuthenticationHandlers that
- | authenticate the Principals that the CredentialsToPrincipalResolvers identified. CAS will try these handlers in turn
- | until it finds one that both supports the Credentials presented and succeeds in authenticating.
- +-->
- <property name="authenticationHandlers">
- <list>
- <!--
- | This is the authentication handler that authenticates services by means of callback via SSL, thereby validating
- | a server side SSL certificate.
- +-->
- <bean
- class="org.jasig.cas.authentication.handler.support.HttpBasedServiceCredentialsAuthenticationHandler">
- <property
- name="httpClient"
- ref="httpClient" />
- </bean>
-
- <!--
- | This is the authentication handler declaration that every CAS deployer will need to change before deploying CAS
- | into production. The default SimpleTestUsernamePasswordAuthenticationHandler authenticates UsernamePasswordCredentials
- | where the username equals the password. You will need to replace this with an AuthenticationHandler that implements your
- | local authentication strategy. You might accomplish this by coding a new such handler and declaring
- | edu.someschool.its.cas.MySpecialHandler here, or you might use one of the handlers provided in the adaptors modules.
- +-->
- <bean
- class="org.jboss.portal.identity.auth.CASAuthenticationHandler" />
- </list>
- </property>
- </bean>
-</beans>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_context.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_context.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_context.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,4 +0,0 @@
-<?xml version="1.0"?>
-<Context>
- <Valve className="org.jboss.portal.identity.auth.JOSSOLogoutValve"/>
-</Context>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_error.jsp
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_error.jsp 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_error.jsp 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,41 +0,0 @@
-<%--
- ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
- ~ All rights reserved.
- ~ Redistribution and use in source and binary forms, with or
- ~ without modification, are permitted provided that the following
- ~ conditions are met:
- ~
- ~ * Redistributions of source code must retain the above copyright
- ~ notice, this list of conditions and the following disclaimer.
- ~
- ~ * Redistributions in binary form must reproduce the above copyright
- ~ notice, this list of conditions and the following disclaimer in
- ~ the documentation and/or other materials provided with the
- ~ distribution.
- ~
- ~ * Neither the name of the JOSSO team nor the names of its
- ~ contributors may be used to endorse or promote products derived
- ~ from this software without specific prior written permission.
- ~
- ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- ~ POSSIBILITY OF SUCH DAMAGE.
- --%>
-
-<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %>
-<!--
-Redirects the user to the propper login page. Configured as the login url the web.xml for this application.
--->
-<%
- response.sendRedirect(request.getContextPath() + "/josso_login/");
-%>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-agent-config.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-agent-config.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-agent-config.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,19 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<agent>
- <class>org.josso.jb4.agent.JBossCatalinaSSOAgent</class>
- <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
- <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
- <service-locator>
- <class>org.josso.gateway.WebserviceGatewayServiceLocator</class>
- <endpoint>localhost:8080</endpoint>
- </service-locator>
- <partner-apps>
- <partner-app>
- <context>/portal</context>
- </partner-app>
- <!-- used for testing purposes -->
- <partner-app>
- <context>/portal2</context>
- </partner-app>
- </partner-apps>
-</agent>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-config.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-config.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-config.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,4 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<configuration>
- <hierarchicalXml fileName="josso-agent-config.xml"/>
-</configuration>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-gateway-config.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-gateway-config.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_josso-gateway-config.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,569 +0,0 @@
-<?xml version="1.0" encoding="ISO-8859-1" ?>
-<!--
- ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
- ~ All rights reserved.
- ~ Redistribution and use in source and binary forms, with or
- ~ without modification, are permitted provided that the following
- ~ conditions are met:
- ~
- ~ * Redistributions of source code must retain the above copyright
- ~ notice, this list of conditions and the following disclaimer.
- ~
- ~ * Redistributions in binary form must reproduce the above copyright
- ~ notice, this list of conditions and the following disclaimer in
- ~ the documentation and/or other materials provided with the
- ~ distribution.
- ~
- ~ * Neither the name of the JOSSO team nor the names of its
- ~ contributors may be used to endorse or promote products derived
- ~ from this software without specific prior written permission.
- ~
- ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- ~ POSSIBILITY OF SUCH DAMAGE.
- -->
-
-<domain>
- <name>JOSSO</name>
- <type>web</type>
-
- <!--sso-web-config-->
-
- <!-- Optional : The URL where the user will be redirected after a successfull login only if josso_back_to request parameter
- is not present when accessing the login url
- <loginBackToURL>http://localhost:8080/partnerapp/protected/</loginBackToURL>
- -->
-
- <!-- Optional : The URL where the user will be redirected after a logout only if josso_back_to is not present
- when accessing the logout url
- <logoutBackToURL>http://localhost:8080/partnerapp/protected/</logoutBackToURL>
- -->
-
- <!-- Session token properties -->
- <!--session-token-->
-
- <!-- Optional : Use a secure session token, a secure channel like SSL must be available for this to work
- <secure>false</secure>
- -->
-
-
- <!--/session-token-->
-
- <!--/sso-web-config-->
-
- <authenticator>
- <class>org.josso.auth.AuthenticatorImpl</class>
- <authentication-schemes>
- <!-- Basic Authentication Scheme -->
- <authentication-scheme>
- <name>basic-authentication</name>
- <class>org.josso.auth.scheme.BindUsernamePasswordAuthScheme</class>
-
- <!--
- The message digest algorithm to be used when hashing passwords.
- This must be an algorithm supported by the java.security.MessageDigest class
- on your platform.
-
- In J2SE 1.4.2 you can check :
- Java Cryptography Architecture API Specification & Reference - Apendix B : Algorithms
- Values are : MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512,etc.
-
- To provide LDAP support, also CRYPT is available.
- -->
- <!--
- <hashAlgorithm>MD5</hashAlgorithm>
- -->
-
- <!-- Supported values are HEX, BASE64. Mandatory if hashAlgorithm was specified -->
- <!--
- <hashEncoding>HEX</hashEncoding>
- -->
-
- <!-- Some hash algorithms, like CRYPT, use this property. The default value is 2.
- <saltLength>2</saltLength>
- -->
-
- <!--
- <ignorePasswordCase>false</ignorePasswordCase>
- <ignoreUserCase>false</ignoreUserCase>
- -->
- <!-- ========================================================= -->
- <!-- JDBC Credential Store -->
- <!-- -->
- <!-- Always scape comma chars [,] in queries because -->
- <!-- jakarta commons-configuration uses them to define arrays. -->
- <!-- ========================================================= -->
- <!--
- <credential-store>
- <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
-
- <credentialsQueryString>
-
- SELECT login AS username , password AS password FROM josso_user WHERE login = ?
-
- </credentialsQueryString>
- <connectionName>josso</connectionName>
- <connectionPassword>josso</connectionPassword>
- <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
- <driverName>oracle.jdbc.driver.OracleDriver</driverName>
- </credential-store>
- <credential-store>
- <class>org.josso.gateway.identity.service.store.db.DataSourceIdentityStore</class>
-
- <credentialsQueryString>SELECT login AS username , password AS password FROM josso_user WHERE login = ?</credentialsQueryString>
- <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
- </credential-store>
- -->
-
- <!-- =============================================================== -->
- <!-- LDAP Credential Store -->
- <!-- -->
- <!-- Chcek javadoc for configuration details : -->
- <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
- <!-- =============================================================== -->
- <!--
- <credential-store>
- <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
- <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
- <providerUrl>ldap://ldaphost</providerUrl>
- <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
- <securityCredential>secret</securityCredential>
- <securityAuthentication>simple</securityAuthentication>
- <ldapSearchScope>SUBTREE</ldapSearchScope>
- <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
- <principalUidAttributeID>uid</principalUidAttributeID>
- <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
- <uidAttributeID>uniquemember</uidAttributeID>
- <roleAttributeID>cn</roleAttributeID>
- <credentialQueryString>uid=username,userPassword=password</credentialQueryString>
- <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
- </credential-store>
- -->
-
- <!-- ================================================= -->
- <!-- Memory Credential Store -->
- <!-- ================================================= -->
- <!--
- <credential-store>
- <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
- <credentialsFileName>josso-credentials.xml</credentialsFileName>
- </credential-store>
- -->
-
- <!-- ================================================= -->
- <!-- JBoss Portal Credential Store -->
- <!-- ================================================= -->
- <credential-store>
- <class>org.jboss.portal.identity.auth.JOSSOIdentityStore</class>
- </credential-store>
-
-
-
- <!-- ================================================= -->
- <!-- Credential Store Key adapter -->
- <!-- ================================================= -->
- <credential-store-key-adapter>
- <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
- </credential-store-key-adapter>
-
- </authentication-scheme>
-
- <!-- Strong Authentication Scheme -->
- <authentication-scheme>
- <name>strong-authentication</name>
- <class>org.josso.auth.scheme.X509CertificateAuthScheme</class>
-
- <!-- ========================================================= -->
- <!-- JDBC Credential Store -->
- <!-- -->
- <!-- Always scape comma chars [,] in queries because -->
- <!-- jakarta commons-configuration uses them to define arrays. -->
- <!-- ========================================================= -->
- <!--
- <credential-store>
- <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
-
- <credentialsQueryString>
-
- SELECT login AS username , password AS password FROM josso_user WHERE login = ?
-
- </credentialsQueryString>
- <connectionName>josso</connectionName>
- <connectionPassword>josso</connectionPassword>
- <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
- <driverName>oracle.jdbc.driver.OracleDriver</driverName>
- </credential-store>
- -->
-
- <!-- =============================================================== -->
- <!-- LDAP Credential Store -->
- <!-- -->
- <!-- Chcek javadoc for configuration details : -->
- <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
- <!-- =============================================================== -->
- <!--
- <credential-store>
- <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
- <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
- <providerUrl>ldap://ldaphost</providerUrl>
- <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
- <securityCredential>secret</securityCredential>
- <securityAuthentication>simple</securityAuthentication>
- <ldapSearchScope>SUBTREE</ldapSearchScope>
- <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
- <principalUidAttributeID>uid</principalUidAttributeID>
- <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
- <uidAttributeID>uniquemember</uidAttributeID>
- <roleAttributeID>cn</roleAttributeID>
- <credentialQueryString>uid=username,userCertificate;binary=userCertificate</credentialQueryString>
- <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
- </credential-store>
- -->
-
- <!-- ================================================= -->
- <!-- Memory Credential Store -->
- <!-- ================================================= -->
- <credential-store>
- <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
- <credentialsFileName>josso-credentials.xml</credentialsFileName>
- </credential-store>
-
- <!-- ================================================= -->
- <!-- Credential Store Key adapter -->
- <!-- ================================================= -->
- <credential-store-key-adapter>
- <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
- </credential-store-key-adapter>
-
- </authentication-scheme>
- </authentication-schemes>
- </authenticator>
-
- <sso-identity-manager>
-
- <class>org.josso.gateway.identity.service.SSOIdentityManagerImpl</class>
-
- <!-- ========================================================= -->
- <!-- DataSource Identity Store -->
- <!-- -->
- <!-- Always scape comma chars [,] in queries because -->
- <!-- jakarta commons-configuration uses them to define arrays. -->
- <!-- ========================================================= -->
- <!--
- <sso-identity-store>
- <class>org.josso.gateway.identity.service.store.db.DataSourceIdentityStore</class>
-
- <userQueryString>
- SELECT login FROM josso_user WHERE login = ?
- </userQueryString>
-
- <userPropertiesQueryString>
- SELECT 'user.description' AS name , description AS value FROM josso_user WHERE login = ?
- UNION
- SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
- </userPropertiesQueryString>
-
- <rolesQueryString>
- SELECT josso_role.name FROM josso_role , josso_user_role , josso_user WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login AND josso_role.name = josso_user_role.name
- </rolesQueryString>
-
- <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
- </sso-identity-store>
- -->
- <!-- ========================================================= -->
- <!-- JDBC Identity Store -->
- <!-- -->
- <!-- Always scape comma chars [,] in queries because -->
- <!-- jakarta commons-configuration uses them to define arrays. -->
- <!-- ========================================================= -->
-
- <!--sso-identity-store>
- <class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
-
- <userQueryString>
- SELECT login FROM josso_user WHERE login = ?
- </userQueryString>
-
- You could use a UNION to select properties from different tables/columns :
- SELECT 'user.lastName' AS name , lastName AS value FROM josso_user WHERE login = ?
- UNION
- SELECT 'user.name' AS name , name AS value FROM josso_user WHERE login = ?
- UNION
- SELECT name AS name , value AS value FROM josso_user_properties WHERE login = ?
-
- <userPropertiesQueryString>
- SELECT 'user.description' AS name , description AS value FROM josso_user WHERE login = ?
- UNION
- SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
- </userPropertiesQueryString>
- <rolesQueryString>
- SELECT josso_role.name FROM josso_role , josso_user_role , josso_user WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login AND josso_role.name = josso_user_role.name
- </rolesQueryString>
- <connectionName>josso</connectionName>
- <connectionPassword>josso</connectionPassword>
- <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
- <driverName>oracle.jdbc.driver.OracleDriver</driverName>
- </sso-identity-store-->
-
- <!-- =============================================================== -->
- <!-- LDAP Identity Store -->
- <!-- -->
- <!-- Chcek javadoc for configuration details : -->
- <!-- org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore -->
- <!-- ================================================= -->
- <!--
- <sso-identity-store>
- <class>org.josso.gateway.identity.service.store.ldap.LDAPIdentityStore</class>
- <initialContextFactory>com.sun.jndi.ldap.LdapCtxFactory</initialContextFactory>
- <providerUrl>ldap://ldaphost</providerUrl>
- <securityPrincipal>cn=Manager,dc=my-domain,dc=com</securityPrincipal>
- <securityCredential>secret</securityCredential>
- <securityAuthentication>simple</securityAuthentication>
- <ldapSearchScope>SUBTREE</ldapSearchScope>
- <usersCtxDN>ou=People,dc=my-domain,dc=com</usersCtxDN>
- <principalUidAttributeID>uid</principalUidAttributeID>
- <rolesCtxDN>ou=Roles,dc=my-domain,dc=com</rolesCtxDN>
- <uidAttributeID>uniquemember</uidAttributeID>
- <roleAttributeID>cn</roleAttributeID>
- <credentialQueryString>uid=username,userPassword=password</credentialQueryString>
- <userPropertiesQueryString>mail=mail,cn=description</userPropertiesQueryString>
- </sso-identity-store>
- -->
-
- <!-- ================================================= -->
- <!-- Memory Identity Store -->
- <!-- ================================================= -->
- <!--
- <sso-identity-store>
- <class>org.josso.gateway.identity.service.store.MemoryIdentityStore</class>
- <usersFileName>josso-users.xml</usersFileName>
- </sso-identity-store>
- -->
-
- <!-- ================================================= -->
- <!-- JBoss Portal Credential Store -->
- <!-- ================================================= -->
- <sso-identity-store>
- <class>org.jboss.portal.identity.auth.JOSSOIdentityStore</class>
- </sso-identity-store>
-
- <!-- ================================================= -->
- <!-- Identity Store Key adapter -->
- <!-- ================================================= -->
- <sso-identity-store-key-adapter>
- <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
- </sso-identity-store-key-adapter>
-
- </sso-identity-manager>
-
- <sso-session-manager>
-
- <class>org.josso.gateway.session.service.SSOSessionManagerImpl</class>
-
- <!--
- Set the maximum time interval, in minutes, between client requests before the SSO Service will invalidate
- the session. A negative time indicates that the session should never time out.
- -->
- <maxInactiveInterval>30</maxInactiveInterval>
-
- <!-- Max number of sessions per user, default 1
- A negative value indicates that an unlimited number of sessions per user is allowed.
- -->
- <maxSessionsPerUser>-1</maxSessionsPerUser>
- <!--
- If true, when the max number of sessions per user is exceeded,
- an already existing session will be invalidated to create a new one.
- If false, when the max number of sessions per user is exceeded,
- an exception is thrown and the new session is not created.
- -->
- <invalidateExceedingSessions>false</invalidateExceedingSessions>
-
-
- <!--
- Time interval, in milliseconds, between exired sessions cleanup.
- -->
- <sessionMonitorInterval>10000</sessionMonitorInterval>
-
- <!-- =================================================================== -->
- <!-- Serialized Session Store -->
- <!-- -->
- <!-- Session Store implementation which uses Java Serialization to -->
- <!-- persist Single Sign-On user sessions. -->
- <!-- It allows to reconstruct the session state after a system shutdown. -->
- <!-- =================================================================== -->
- <!--
- <sso-session-store>
- <class>org.josso.gateway.session.service.store.SerializedSessionStore</class>
- file where serialized sessions will be stored (optional)
- <serializedFile>/tmp/josso_sessions.ser</serializedFile>
- </sso-session-store>
- -->
-
-
- <!-- =============================================================== -->
- <!-- DataSource Session Store -->
- <!-- -->
- <!-- This store persists SSO sessions in a RDBMS, it's usefull for -->
- <!-- example when multiple SSO servers must share session information-->
- <!-- like in a cluster. -->
- <!-- -->
- <!-- NOTE :Remember to escape spetial chars like < with < , etc -->
- <!-- -->
- <!-- -->
- <!-- Chcek javadoc for configuration details : -->
- <!-- org.josso.gateway.session.service.store.db.DataSourceSessionStore -->
- <!-- =============================================================== -->
- <!--
- <sso-session-store>
-
- <class>org.josso.gateway.session.service.store.db.DataSourceSessionStore</class>
-
- <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
-
- <sizeQuery>SELECT COUNT(*) FROM JOSSO_SESSION</sizeQuery>
- <keysQuery>SELECT session_id FROM JOSSO_SESSION</keysQuery>
- <loadAllQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION</loadAllQuery>
- <loadQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE session_id = ?</loadQuery>
- <loadByUserNameQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE username = ?</loadByUserNameQuery>
-
- <loadByLastAccessTimeQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE last_access_time < ?</loadByLastAccessTimeQuery>
- <loadByValidQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE valid = ?</loadByValidQuery>
- <deleteDml>DELETE FROM JOSSO_SESSION WHERE session_id = ?</deleteDml>
- <deleteAllDml>DELETE FROM JOSSO_SESSION</deleteAllDml>
- <insertDml>INSERT INTO JOSSO_SESSION (session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid) VALUES (?, ?, ?, ?, ?, ?, ?) </insertDml>
-
- <dsJndiName>java:jdbc/JossoSamplesDB</dsJndiName>
-
- </sso-session-store>
- -->
-
- <!-- =============================================================== -->
- <!-- Jdbc Session Store -->
- <!-- -->
- <!-- This store persists SSO sessions in a RDBMS, it's usefull for -->
- <!-- example when multiple SSO servers must share session information-->
- <!-- like in a cluster. -->
- <!-- -->
- <!-- NOTE :Remember to escape spetial chars like < with < , etc -->
- <!-- -->
- <!-- Chcek javadoc for configuration details : -->
- <!-- org.josso.gateway.session.service.store.db.JdbcSessionStore -->
- <!-- =============================================================== -->
- <!--
- <sso-session-store>
-
- <class>org.josso.gateway.session.service.store.db.JdbcSessionStore</class>
-
- <connectionName>josso</connectionName>
- <connectionPassword>josso</connectionPassword>
- <connectionURL>jdbc:oracle:thin:@localhost:1521:josso_db</connectionURL>
- <driverName>oracle.jdbc.driver.OracleDriver</driverName>
-
- <sizeQuery>SELECT COUNT(*) FROM JOSSO_SESSION</sizeQuery>
- <keysQuery>SELECT session_id FROM JOSSO_SESSION</keysQuery>
- <loadAllQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION</loadAllQuery>
- <loadQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE session_id = ?</loadQuery>
- <loadByUserNameQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE username = ?</loadByUserNameQuery>
-
- <loadByLastAccessTimeQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE last_access_time < ?</loadByLastAccessTimeQuery>
- <loadByValidQuery>SELECT session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid FROM JOSSO_SESSION WHERE valid = ?</loadByValidQuery>
- <deleteDml>DELETE FROM JOSSO_SESSION WHERE session_id = ?</deleteDml>
- <deleteAllDml>DELETE FROM JOSSO_SESSION</deleteAllDml>
- <insertDml>INSERT INTO JOSSO_SESSION (session_id, userName, creation_time, last_access_time, access_count, max_inactive_interval, valid) VALUES (?, ?, ?, ?, ?, ?, ?) </insertDml>
-
- </sso-session-store>
- -->
-
-
- <!-- =============================================================== -->
- <!-- Memory Session Store -->
- <!-- =============================================================== -->
- <sso-session-store>
- <class>org.josso.gateway.session.service.store.MemorySessionStore</class>
- </sso-session-store>
-
- <sso-session-id-generator>
-
- <class>org.josso.gateway.session.service.SessionIdGeneratorImpl</class>
- <!--
- The message digest algorithm to be used when generating session
- identifiers. This must be an algorithm supported by the
- java.security.MessageDigest class on your platform.
-
- In J2SE 1.4.2 you can check :
- Java Cryptography Architecture API Specification & Reference - Apendix A : Standard Names
- Values are : MD2, MD5, SHA-1, SHA-256, SHA-384, SHA-512
- -->
- <algorithm>MD5</algorithm>
-
- </sso-session-id-generator>
-
- </sso-session-manager>
-
- <!-- SSO Audit Manager compoment -->
- <sso-audit-manager>
- <class>org.josso.gateway.audit.service.SSOAuditManagerImpl</class>
-
- <!--
- List of handlers that will process this request
- Every handler must have its own unique name.
- -->
- <handlers>
-
- <!-- This handler logs all audit trails using Log4J, under the given category -->
- <handler>
- <class>org.josso.gateway.audit.service.handler.LoggerAuditTrailHandler</class>
- <name>LoggerAuditTrailHandler</name>
- <category>org.josso.gateway.audit.SSO_AUDIT</category>
- </handler>
-
- <!--
- <handler>
- <class>MyOtherHandler</class>
- <name>MyOhterHandlerName</name>
- <myProperty>value</myProperty>
- </handler>
- -->
-
- </handlers>
- </sso-audit-manager>
-
- <!-- SSO Event Manager component -->
- <sso-event-manager>
- <class>org.josso.gateway.event.security.JMXSSOEventManagerImpl</class>
- <!--
- JMX Name of the EventManager MBean that will send SSO Events as JMX Notifications
- The MBean will be registered by the MBeanComponentKeeper.
- -->
- <oname>josso:type=SSOEventManager</oname>
- <!-- You can add your own listeners here : -->
- <!-- Every listener should have a unique name -->
-
- <!--
- <listeners>
- <listener>
- <class>com.myCompany.MyEventListener</class>
- <name>MyEventListener</name>
- <property1>MyListenerProperty1Value</property1>
- </listener>
- <listener>
- <class>com.myCompany.MyOtherEventListener</class>
- <name>MyOtherEventListener</name>
- <propertyA>MyOtherListenerPropertyAValue</propertyA>
- </listener>
- </listeners>
- -->
-
- </sso-event-manager>
-
-</domain>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login-config.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login-config.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login-config.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,165 +0,0 @@
-<?xml version='1.0'?>
-<!DOCTYPE policy PUBLIC
- "-//JBoss//DTD JBOSS Security Config 3.0//EN"
- "http://www.jboss.org/j2ee/dtd/security_config.dtd">
-
-<!-- The XML based JAAS login configuration read by the
-org.jboss.security.auth.login.XMLLoginConfig mbean. Add
-an application-policy element for each security domain.
-
-The outline of the application-policy is:
-<application-policy name="security-domain-name">
- <authentication>
- <login-module code="login.module1.class.name" flag="control_flag">
- <module-option name = "option1-name">option1-value</module-option>
- <module-option name = "option2-name">option2-value</module-option>
- ...
- </login-module>
-
- <login-module code="login.module2.class.name" flag="control_flag">
- ...
- </login-module>
- ...
- </authentication>
-</application-policy>
-
--->
-
-<policy>
- <!-- Used by clients within the application server VM such as
- mbeans and servlets that access EJBs.
- -->
- <application-policy name = "client-login">
- <authentication>
- <login-module code = "org.jboss.security.ClientLoginModule"
- flag = "required">
- <!-- Any existing security context will be restored on logout -->
- <module-option name="restore-login-identity">true</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- Security domain for JBossMQ -->
- <application-policy name = "jbossmq">
- <authentication>
- <login-module code = "org.jboss.security.auth.spi.DatabaseServerLoginModule"
- flag = "required">
- <module-option name = "unauthenticatedIdentity">guest</module-option>
- <module-option name = "dsJndiName">java:/DefaultDS</module-option>
- <module-option name = "principalsQuery">SELECT PASSWD FROM JMS_USERS WHERE USERID=?</module-option>
- <module-option name = "rolesQuery">SELECT ROLEID, 'Roles' FROM JMS_ROLES WHERE USERID=?</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- Security domain for JBossMQ when using file-state-service.xml
- <application-policy name = "jbossmq">
- <authentication>
- <login-module code = "org.jboss.mq.sm.file.DynamicLoginModule"
- flag = "required">
- <module-option name = "unauthenticatedIdentity">guest</module-option>
- <module-option name = "sm.objectname">jboss.mq:service=StateManager</module-option>
- </login-module>
- </authentication>
- </application-policy>
- -->
-
- <!-- Security domains for testing new jca framework -->
- <application-policy name = "HsqlDbRealm">
- <authentication>
- <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
- flag = "required">
- <module-option name = "principal">sa</module-option>
- <module-option name = "userName">sa</module-option>
- <module-option name = "password"></module-option>
- <module-option name = "managedConnectionFactoryName">jboss.jca:service=LocalTxCM,name=DefaultDS</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <application-policy name = "JmsXARealm">
- <authentication>
- <login-module code = "org.jboss.resource.security.ConfiguredIdentityLoginModule"
- flag = "required">
- <module-option name = "principal">guest</module-option>
- <module-option name = "userName">guest</module-option>
- <module-option name = "password">guest</module-option>
- <module-option name = "managedConnectionFactoryName">jboss.jca:service=TxCM,name=JmsXA</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- A template configuration for the jmx-console web application. This
- defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name = "jmx-console">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag = "required">
- <module-option name="usersProperties">props/jmx-console-users.properties</module-option>
- <module-option name="rolesProperties">props/jmx-console-roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- A template configuration for the web-console web application. This
- defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name = "$webConsoleDomain">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag = "required">
- <module-option name="usersProperties">web-console-users.properties</module-option>
- <module-option name="rolesProperties">web-console-roles.properties</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- A template configuration for the JBossWS web application (and transport layer!).
- This defaults to the UsersRolesLoginModule the same as other and should be
- changed to a stronger authentication mechanism as required.
- -->
- <application-policy name="JBossWS">
- <authentication>
- <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag="required">
- <module-option name="usersProperties">props/jbossws-users.properties</module-option>
- <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
- <module-option name="unauthenticatedIdentity">anonymous</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <!-- The default login configuration used by any security domain that
- does not have a application-policy entry with a matching name
- -->
- <application-policy name = "other">
- <!-- A simple server login module, which can be used when the number
- of users is relatively small. It uses two properties files:
- users.properties, which holds users (key) and their password (value).
- roles.properties, which holds users (key) and a comma-separated list of
- their roles (value).
- The unauthenticatedIdentity property defines the name of the principal
- that will be used when a null username and password are presented as is
- the case for an unuathenticated web client or MDB. If you want to
- allow such users to be authenticated add the property, e.g.,
- unauthenticatedIdentity="nobody"
- -->
- <authentication>
- <login-module code = "org.jboss.security.auth.spi.UsersRolesLoginModule"
- flag = "required" />
- </authentication>
- </application-policy>
-
- <!-- JOSSO JAAS Module configuration -->
- <application-policy name = "josso">
- <authentication>
- <login-module code = "org.jboss.portal.identity.auth.JOSSOLoginModule"
- flag = "required">
- <module-option name="debug">true</module-option>
- </login-module>
- </authentication>
- </application-policy>
-</policy>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login.jsp
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login.jsp 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_login.jsp 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,41 +0,0 @@
-<%--
- ~ Copyright (c) 2004-2006, Novascope S.A. and the JOSSO team
- ~ All rights reserved.
- ~ Redistribution and use in source and binary forms, with or
- ~ without modification, are permitted provided that the following
- ~ conditions are met:
- ~
- ~ * Redistributions of source code must retain the above copyright
- ~ notice, this list of conditions and the following disclaimer.
- ~
- ~ * Redistributions in binary form must reproduce the above copyright
- ~ notice, this list of conditions and the following disclaimer in
- ~ the documentation and/or other materials provided with the
- ~ distribution.
- ~
- ~ * Neither the name of the JOSSO team nor the names of its
- ~ contributors may be used to endorse or promote products derived
- ~ from this software without specific prior written permission.
- ~
- ~ THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
- ~ CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
- ~ INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
- ~ MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
- ~ DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
- ~ BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
- ~ EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
- ~ TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
- ~ DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
- ~ ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
- ~ OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
- ~ OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
- ~ POSSIBILITY OF SUCH DAMAGE.
- --%>
-
-<%@page contentType="text/html; charset=iso-8859-1" language="java" session="true" %>
-<!--
-Redirects the user to the propper login page. Configured as the login url the web.xml for this application.
--->
-<%
- response.sendRedirect(request.getContextPath() + "/josso_login/");
-%>
Deleted: jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_server.xml
===================================================================
--- jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_server.xml 2007-09-04 21:38:41 UTC (rev 1202)
+++ jboss-portal/modules/identity/1.0.0-SNAPSHOT/resources/josso_server.xml 2007-09-04 22:26:57 UTC (rev 1203)
@@ -1,178 +0,0 @@
-<Server>
-
- <!-- Use a custom version of StandardService that allows the
- connectors to be started independent of the normal lifecycle
- start to allow web apps to be deployed before starting the
- connectors.
- -->
- <Service name="jboss.web"
- className="org.jboss.web.tomcat.tc5.StandardService">
-
- <!-- A HTTP/1.1 Connector on port 8080 -->
- <Connector port="8080" address="${jboss.bind.address}"
- maxThreads="250" strategy="ms" maxHttpHeaderSize="8192"
- emptySessionPath="true"
- enableLookups="false" redirectPort="8443" acceptCount="100"
- connectionTimeout="20000" disableUploadTimeout="true"/>
-
- <!-- Add this option to the connector to avoid problems with
- .NET clients that don't implement HTTP/1.1 correctly
- restrictedUserAgents="^.*MS Web Services Client Protocol 1.1.4322.*$"
- -->
-
- <!-- A AJP 1.3 Connector on port 8009 -->
- <Connector port="8009" address="${jboss.bind.address}"
- emptySessionPath="true" enableLookups="false" redirectPort="8443"
- protocol="AJP/1.3"/>
-
- <!-- SSL/TLS Connector configuration using the admin devl guide keystore
- <Connector port="8443" address="${jboss.bind.address}"
- maxThreads="100" strategy="ms" maxHttpHeaderSize="8192"
- emptySessionPath="true"
- scheme="https" secure="true" clientAuth="false"
- keystoreFile="${jboss.server.home.dir}/conf/chap8.keystore"
- keystorePass="rmi+ssl" sslProtocol = "TLS" />
- -->
-
- <Engine name="jboss.web" defaultHost="localhost">
-
- <!-- The JAAS based authentication and authorization realm implementation
- that is compatible with the jboss 3.2.x realm implementation.
- - certificatePrincipal : the class name of the
- org.jboss.security.auth.certs.CertificatePrincipal impl
- used for mapping X509[] cert chains to a Princpal.
- - allRolesMode : how to handle an auth-constraint with a role-name=*,
- one of strict, authOnly, strictAuthOnly
- + strict = Use the strict servlet spec interpretation which requires
- that the user have one of the web-app/security-role/role-name
- + authOnly = Allow any authenticated user
- + strictAuthOnly = Allow any authenticated user only if there are no
- web-app/security-roles
- -->
- <!--
- <Realm className="org.jboss.web.tomcat.security.JBossSecurityMgrRealm"
- certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
- allRolesMode="authOnly"
- />
- -->
-
- <!-- A subclass of JBossSecurityMgrRealm that uses the authentication
- behavior of JBossSecurityMgrRealm, but overrides the authorization
- checks to use JACC permissions with the current java.security.Policy
- to determine authorized access.
- - allRolesMode : how to handle an auth-constraint with a role-name=*,
- one of strict, authOnly, strictAuthOnly
- + strict = Use the strict servlet spec interpretation which requires
- that the user have one of the web-app/security-role/role-name
- + authOnly = Allow any authenticated user
- + strictAuthOnly = Allow any authenticated user only if there are no
- web-app/security-roles
- <Realm className="org.jboss.web.tomcat.security.JaccAuthorizationRealm"
- certificatePrincipal="org.jboss.security.auth.certs.SubjectDNMapping"
- allRolesMode="authOnly"
- />
- -->
-
- <!-- Integrating the JOSSO realm -->
- <Realm className="org.josso.jb4.agent.JBossCatalinaRealm"
- appName="josso"
- userClassNames="org.josso.gateway.identity.service.BaseUserImpl"
- roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
- debug="1" />
-
- <Host name="localhost"
- autoDeploy="false" deployOnStartup="false" deployXML="false">
-
- <!-- UNCOMMENT TO ENABLE CUSTOMIZATION OF TOMCAT AUTHENTICATORS
- <Host name="localhost"
- autoDeploy="false" deployOnStartup="false" deployXML="false"
- configClass="org.jboss.web.tomcat.security.config.JBossContextConfig">
- -->
-
-
- <!-- Uncomment to enable request dumper. This Valve "logs interesting
- contents from the specified Request (before processing) and the
- corresponding Response (after processing). It is especially useful
- in debugging problems related to headers and cookies."
- -->
- <!--
- <Valve className="org.apache.catalina.valves.RequestDumperValve" />
- -->
-
- <!-- Access logger -->
- <!--
- <Valve className="org.apache.catalina.valves.FastCommonAccessLogValve"
- prefix="localhost_access_log." suffix=".log"
- pattern="common" directory="${jboss.server.home.dir}/log"
- resolveHosts="false" />
- -->
-
- <!-- Uncomment to enable single sign-on across web apps
- deployed to this host. Does not provide SSO across a cluster.
-
- If this valve is used, do not use the JBoss ClusteredSingleSignOn
- valve shown below.
-
- A new configuration attribute is available beginning with
- release 4.0.4:
-
- cookieDomain configures the domain to which the SSO cookie
- will be scoped (i.e. the set of hosts to
- which the cookie will be presented). By default
- the cookie is scoped to "/", meaning the host
- that presented it. Set cookieDomain to a
- wider domain (e.g. "xyz.com") to allow an SSO
- to span more than one hostname.
- -->
- <!--
- <Valve className="org.apache.catalina.authenticator.SingleSignOn" />
- -->
-
- <!-- Uncomment to enable single sign-on across web apps
- deployed to this host AND to all other hosts in the cluster.
-
- If this valve is used, do not use the standard Tomcat SingleSignOn
- valve shown above.
-
- Valve uses a JBossCache instance to support SSO credential
- caching and replication across the cluster. The JBossCache
- instance must be configured separately. By default, the valve
- shares a JBossCache with the service that supports HttpSession
- replication. See the "tc5-cluster-service.xml" file in the
- server/all/deploy directory for cache configuration details.
-
- Besides the attributes supported by the standard Tomcat
- SingleSignOn valve (see the Tomcat docs), this version also
- supports the following attributes:
-
- cookieDomain see above
-
- treeCacheName JMX ObjectName of the JBossCache MBean used to
- support credential caching and replication across
- the cluster. If not set, the default value is
- "jboss.cache:service=TomcatClusteringCache", the
- standard ObjectName of the JBossCache MBean used
- to support session replication.
- -->
- <!--
- <Valve className="org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn" />
- -->
-
-
- <!-- Uncomment to check for unclosed connections and transaction terminated checks
- in servlets/jsps.
- Important: You need to uncomment the dependency on the CachedConnectionManager
- in META-INF/jboss-service.xml
- <Valve className="org.jboss.web.tomcat.tc5.jca.CachedConnectionValve"
- cachedConnectionManagerObjectName="jboss.jca:service=CachedConnectionManager"
- transactionManagerObjectName="jboss:service=TransactionManager" />
- -->
-
- <!-- JOSSO Agent Valve -->
- <Valve className="org.josso.tc55.agent.SSOAgentValve" debug="1"/>
- </Host>
- </Engine>
-
- </Service>
-
-</Server>