10:17 p.m.
Author: smumford
Date: 2012-12-13 23:17:48 -0500 (Thu, 13 Dec 2012)
New Revision: 8999
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
BZ856430: Further edits to new JOSSO content
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-12-13
14:35:09 UTC (rev 8998)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-12-14
04:17:48 UTC (rev 8999)
@@ -759,7 +759,7 @@
</section>
<section id="sid-55477376_JOSSO-JOSSOserver">
- <title>Set Up the JOSSO server</title>
+ <title>Set up the JOSSO server</title>
<para>
This section describes how to set up the JOSSO server to authenticate
against the JBoss Portal Platform using the REST authentication plugin. In this example,
the JOSSO server will be installed on Tomcat.
@@ -820,7 +820,7 @@
<step>
<para>
- Tomcat should now allow access to
<uri>http://localhost:8888/josso/signon/login.do</uri>. However, if you are
using SSO Authentication plugin, the login will not be available at this stage as your
JBoss Portal Platform is not yet set up.
+ Tomcat should now allow access to
<uri>http://localhost:8888/josso/signon/login.do</uri>. However, if you are
using the SSO Authentication plugin, the login will not be available as you must set up
your JBoss Portal Platform instance to use it.
</para>
<figure>
@@ -837,7 +837,7 @@
</section>
<section id="sid-55477376_JOSSO-SetuptheJOSSOclient">
- <title>JOSSO client</title>
+ <title>Set up the JOSSO client</title>
<procedure>
<step>
@@ -938,11 +938,11 @@
<title>JOSSO 2.2</title>
<para>
- JOSSO 2.2 takes a different approach to SSO than JOSSO 1.8. It is designed
to allow users to create their own SSO environment by modelling it in flash web
application called <emphasis
role="strong">atricore-console</emphasis>.
+ JOSSO 2.2 takes a different approach to SSO than JOSSO 1.8. It is designed
to allow users to create their own SSO environment by modelling it in a flash web
application called <emphasis
role="strong">atricore-console</emphasis>.
</para>
<para>
- Unfortunately this make it more difficult to use the SSO Authentication
plugin as it's not easily possible to configure an existing JOSSO 2.2 environment via
Spring XML files. Using the AuthenticationPlugin with JOSSO 2.2 is not supported.
+ Unfortunately this make it more difficult to use the SSO Authentication
plugin as it is not easily possible to configure an existing JOSSO 2.2 environment via
Spring XML files. Using the <systemitem>AuthenticationPlugin</systemitem> with
JOSSO 2.2 is not supported.
</para>
<section id="sid-55477376_JOSSO-JOSSO2.2serversetup">
@@ -953,45 +953,66 @@
</para>
<para>
- After unzipping the download and running the JOSSO, you can access the
<application>atricore</application> console at
<uri>http://server.local.network:8081/atricore-console</uri>
(<emphasis>server.local.network</emphasis> is the virtual host defined in
<filename>/etc/hosts</filename>).
+ After unzipping the download and running the JOSSO, you can access the
<application>atricore</application> console at
<uri>http://<replaceable>server.local.network</replaceable>:8081/atricore-console</uri>
(<replaceable>server.local.network</replaceable> is the virtual host defined
in <filename>/etc/hosts</filename>).
</para>
<procedure>
<step>
<para>
- Login to the portal as
<literal>admin/admin</literal>.
+ Login to the portal with the username/password combination;
<literal>admin/admin</literal>.
</para>
</step>
<step>
<para>
- Create a new empty <emphasis
role="italics">Identity appliance</emphasis> with the following
details:
+ Create a new, empty <emphasis
role="italics">Identity appliance</emphasis> with the following
details:
</para>
-
- <itemizedlist>
- <listitem>
- <para>
- Name: <emphasis
role="italics">MYFIRSTIA</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- Realm name: <emphasis
role="italics">com.mycompany.myrealm</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- Appliance location: <emphasis
role="italics"> <uri>http://server.local.network:8081</uri>
</emphasis>
- </para>
- </listitem>
- </itemizedlist>
+ <table>
+ <title></title>
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>
+ Setting
+ </entry>
+ <entry>
+ Value
+ </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>
+ Name
+ </entry>
+ <entry>
+ <parameter>MYFIRSTIA</parameter>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Realm name
+ </entry>
+ <entry>
+
<parameter>com.mycompany.myrealm</parameter>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Appliance location
+ </entry>
+ <entry>
+
<uri>http://server.local.network:8081</uri>
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
</step>
<step>
<para>
- Create a new Identity provider named <emphasis
role="italics">AcmeIDP</emphasis> (use the default settings)
+ Create a new Identity provider named <emphasis
role="italics">AcmeIDP</emphasis> (use the default settings).
</para>
<figure>
@@ -1037,33 +1058,56 @@
<para>
Create empty temporary directory
<filename>/tmp/tomcat7</filename> and then in the
<application>atricore</application> console create new Execution environment
of type <emphasis role="italics">Tomcat</emphasis> with the
following parameters:
</para>
-
- <itemizedlist>
- <listitem>
- <para>
- Name: <emphasis
role="italics">SP1EE</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- Version: <emphasis
role="italics">7.0.x</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- Target host: <emphasis
role="italics">Local</emphasis>
- </para>
- </listitem>
-
- <listitem>
- <para>
- Install home: <emphasis
role="italics">/tmp/tomcat7</emphasis> (Directory
<code>/tmp/tomcat7</code> must exists, but it could be empty directory without
any tomcat presented as we do not overwrite existing setup or install demo apps).
- </para>
- </listitem>
- </itemizedlist>
-
+ <table>
+ <title></title>
+ <tgroup cols="2">
+ <thead>
+ <row>
+ <entry>
+ Setting
+ </entry>
+ <entry>
+ Value
+ </entry>
+ </row>
+ </thead>
+ <tbody>
+ <row>
+ <entry>
+ Name
+ </entry>
+ <entry>
+ <parameter>SP1EE</parameter>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Version
+ </entry>
+ <entry>
+ <parameter>7.0.x</parameter>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Target host
+ </entry>
+ <entry>
+ <parameter>Local</parameter>
+ </entry>
+ </row>
+ <row>
+ <entry>
+ Install home
+ </entry>
+ <entry>
+ <parameter>/tmp/tomcat7</parameter>
(the <code>/tmp/tomcat7</code> directory must exist, but it can be empty).
+ </entry>
+ </row>
+ </tbody>
+ </tgroup>
+ </table>
+
<figure>
<title>SP Execution Environment
configuration</title>
@@ -1109,13 +1153,13 @@
<step>
<para>
- Go to the <emphasis role="italics">Identity
appliance lifecycle management</emphasis> tab and go through lifecycle of Identity
appliance
(<menuchoice><guimenuitem>Saved</guimenuitem><guimenuitem>Staged</guimenuitem><guimenuitem>Deployed</guimenuitem><guimenuitem>Started</guimenuitem></menuchoice>)
as suggested in the quickstart.
+ Go to the <guilabel>Identity appliance lifecycle
management</guilabel> tab and go through lifecycle of Identity appliance
(<menuchoice><guimenuitem>Saved</guimenuitem><guimenuitem>Staged</guimenuitem><guimenuitem>Deployed</guimenuitem><guimenuitem>Started</guimenuitem></menuchoice>)
as suggested in the quickstart.
</para>
</step>
<step>
<para>
- Go to the <emphasis role="italics">Account
& Entitlement management</emphasis> tab and create users. Users must be
created this way because REST callbacks to the Portal are not supported in this release.
+ Go to the <guilabel>Account & Entitlement
management</guilabel> tab and create users. Users must be created this way because
REST callbacks to the Portal are not supported in this release.
</para>
<para>
@@ -1162,13 +1206,13 @@
</informalexample>
<para>
- Note that <code>gatein.sso.filter.logout.url</code>
is empty now as the logout URL will be obtained from JOSSO agent configuration in file
<filename>JBOSS_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/sso/josso/2.2/josso-agent-config.xml</filename>.
+ Note that <code>gatein.sso.filter.logout.url</code>
is empty now as the logout URL will be obtained from the JOSSO agent configuration set in
file
<filename>JBOSS_HOME/gatein/gatein.ear/portal.war/WEB-INF/classes/sso/josso/2.2/josso-agent-config.xml</filename>.
</para>
</step>
<step>
<para>
- Update Sthe SO module in EAP 6 :
+ Update the SSO module in EAP 6:
</para>
<substeps>
@@ -1180,7 +1224,7 @@
<step>
<para>
- Copy the
<filename>GATEIN_SSO_HOME/josso/gatein-josso-182/modules/org/gatein/sso into
JBOSS_HOME/modules/org/gatein/</filename> directory.
+ Copy the
<filename>SSO_HOME/josso/gatein-josso-182/modules/org/gatein/sso</filename>
into <filename>JBOSS_HOME/modules/org/gatein/</filename> directory.
</para>
</step>
</substeps>
@@ -1198,7 +1242,7 @@
</para>
<para>
- You will be redirected to JOSSO, but you will need to login
with the username/password account created via the JOSSO console (for example
<literal>john</literal>/<literal>password</literal>) as REST
callbacks are not supported.
+ You will be redirected to the JOSSO instance, but you will
need to login with the username/password account created via the JOSSO console (for
example <literal>john</literal>/<literal>password</literal>) as
REST callbacks are not supported.
</para>
<para>
@@ -1223,12 +1267,9 @@
<step>
<para>
- Add <code>ServletAccessValve</code> into
<filename>server.xml</filename> (as was done to set up CAS single sign-on).
+ Add <code>ServletAccessValve</code> into
<filename>server.xml</filename> (as was done to set up CAS single sign-on).
Refer to <xref linkend="sect-Deploying_CAS_on_Tomcat"/> for more details.
</para>
-
- <para>
- Refer to <xref
linkend="sect-Deploying_CAS_on_Tomcat"/> for more details.
- </para>
+
</step>
<step>