Author: jaredmorgs
Date: 2012-10-24 02:12:02 -0400 (Wed, 24 Oct 2012)
New Revision: 8938
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SAML2.xml
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
Log:
BZ#856430 - Updated the Central Authentication Storage (CAS) section with info from the
.txt file. Lots of NEEDINFO in this update, but hopefully the changes will give Marek a
base to work from when he looks at providing updates to the docs formally.
Modified: epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml
===================================================================
--- epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2012-10-23 14:29:28
UTC (rev 8937)
+++ epp/docs/branches/6.0/Reference_Guide/en-US/Revision_History.xml 2012-10-24 06:12:02
UTC (rev 8938)
@@ -7,7 +7,21 @@
<title>Revision History</title>
<simpara>
<revhistory>
- <revision>
+ <revision>
+ <revnumber>6.0.0-11</revnumber>
+ <date>Mon Oct 24 2012</date>
+ <author>
+ <firstname>Jared</firstname>
+ <surname>Morgan</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#856430 - Updated the Central Authentication Storage (CAS)
section with info from the .txt file. Lots of NEEDINFO in this update, but hopefully the
changes will give Marek a base to work from when he looks at providing updates to the docs
formally.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
<revnumber>6.0.0-10</revnumber>
<date>Tue Oct 23 2012</date>
<author>
@@ -21,18 +35,32 @@
</simplelist>
</revdescription>
</revision>
- <revision>
- <revnumber>6.0.0-8</revnumber>
+ <revision>
+ <revnumber>6.0.0-9</revnumber>
+ <date>Mon Oct 23 2012</date>
+ <author>
+ <firstname>Jared</firstname>
+ <surname>Morgan</surname>
+ <email/>
+ </author>
+ <revdescription>
+ <simplelist>
+ <member>BZ#856430 - Added SAML2 information received from Marek to the
guide, and will await further information regarding generating keystores for use in
production environments.</member>
+ </simplelist>
+ </revdescription>
+ </revision>
+ <revision>
+ <revnumber>6.0.0-8</revnumber>
<date>Mon Oct 22 2012</date>
<author>
<firstname>Petr</firstname>
<surname>Penicka</surname>
- <email/>
+ <email/>
</author>
<revdescription>
- <simplelist>
- <member>Replaced callouts in all code examples with code
comments.</member>
- </simplelist>
+ <simplelist>
+ <member>Replaced callouts in all code examples with code
comments.</member>
+ </simplelist>
</revdescription>
</revision>
<revision>
@@ -45,7 +73,7 @@
</author>
<revdescription>
<simplelist>
- <member>Bug 850746 - Remove Chapter 41. eXo JCR Backup Service and Chapter 42.
HTTPBackupAgent and Backup Client from EPP Reference Guide.</member>
+ <member>Bug 850746 - Remove Chapter 41. eXo JCR Backup Service and
Chapter 42. HTTPBackupAgent and Backup Client from EPP Reference Guide.</member>
</simplelist>
</revdescription>
</revision>
@@ -59,11 +87,11 @@
</author>
<revdescription>
<simplelist>
- <member>BZ#851691 - fixed broken lines in code examples caused by callouts
throughout the whole guide. Issue with image links not resolved due to Publican 3.0
bug.</member>
+ <member>BZ#851691 - fixed broken lines in code examples caused by
callouts throughout the whole guide. Issue with image links not resolved due to Publican
3.0 bug.</member>
</simplelist>
</revdescription>
</revision>
- <revision>
+ <revision>
<revnumber>6.0.0-5</revnumber>
<date>Thu Oct 18 2012</date>
<author>
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SAML2.xml
===================================================================
(Binary files differ)
Modified:
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml
===================================================================
---
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-10-23
14:29:28 UTC (rev 8937)
+++
epp/docs/branches/6.0/Reference_Guide/en-US/modules/AuthenticationAndIdentity/SSO.xml 2012-10-24
06:12:02 UTC (rev 8938)
@@ -334,118 +334,182 @@
<para>
The integration consists of two parts; the first part consists of installing
or configuring a CAS server, the second part consists of setting up the portal to use the
CAS server.
</para>
- <procedure
id="proc-Reference_Guide-Central_Authentication_Service-CAS_server">
- <title>Installing CAS server, and defining
<replaceable>CAS_DIR</replaceable></title>
- <step>
- <para>
+ <section>
+ <title>CAS_DIR</title>
+ <procedure
id="proc-Reference_Guide-Central_Authentication_Service-CAS_server">
+ <title>Installing CAS server, and defining CAS_DIR</title>
+ <step>
+ <para>
Set up the server to authenticate against the portal login module, as
described in <xref
linkend="sect-Reference_Guide-SSO_Single_Sign_On_-Enabling_SSO_using_JBoss_SSO_Valve"/>.
</para>
- </step>
- <step>
- <para>
- Download the latest version of CAS from <ulink
url="http://www.jasig.org/cas/download" type="http"/> .
+ </step>
+ <step>
+ <para>
+ Download CAS v3.5 from <ulink
url="http://www.jasig.org/cas/download" type="http"/> .
+This CAS version forms part of a supported configuration for &PRODUCT;.
</para>
+ </step>
+ <step>
+ <para>
+ Extract the downloaded file into a suitable location. </para>
+ <para>This location is referred to as
<replaceable>CAS_DIR</replaceable> in the following procedures.
</para>
- </step>
- <step>
- <para>
- Extract the downloaded file into a suitable location. This location
is referred to as <replaceable>CAS_DIR</replaceable> in the following
example.
+ </step>
+ </procedure>
+ </section>
+ <section id="sect-CAS_HTTPD_DIST">
+ <title><remark>BZ#856430</remark>HTTPD_DIST</title>
+ <task>
+ <title>Install Tomcat and change default ports for CAS
compatibility.</title>
+ <tasksummary>
+ <para>Tomcat hosts CAS on the portal instance. Install and configure
Tomcat before proceeding with other configuration relating to CAS. </para>
+ <para>This procedure covers the Linux installation method for Apache
Tomcat (httpd). </para>
+ <para>Completing this task defines the file path abbreviation
<filename>HTTPD_DIST</filename>, which is used in other CAS configuration
procedures.</para>
+ </tasksummary>
+ <procedure>
+ <step>
+ <para>Install Tomcat by running <command>sudo yum install
httpd</command> in a terminal.
</para>
- </step>
- </procedure>
- <para>
- The simplest way to configure the web archive is to make the necessary
changes directly into the CAS codebase.
+ </step>
+ <step>
+ <para> Edit
<filename><replaceable>HTTPD_DIST</replaceable>/conf/httpd.conf</filename>
and change the Listen 80 port to 8888 to avoid a conflict with the default JBoss
Enterprise Portal Platform.
+<remark>NEEDINFO - this used to be HTTPD_DIST/conf/server.xml, but if you install
httpd using RPM, this file doesn't seem to exist. I assumed the .conf file was
the correct place to change the listen port.</remark> </para>
+ <note>
+ <para>
+ If JBoss Enterprise Portal Platform is running on the same
machine as Apache Tomcat, other ports will need to be changed in addition to 8080 to
avoid conflicts. They can be changed to any free port. For example; change the admin port
from 8005 to 8805 and the AJP port from 8009 to 8809.
+ </para>
+ </note>
+ </step>
+ <step>
+ <para>Ensure port 8888 is open in the server firewall, and the httpd
service is enabled and running so the platform can communicate with Apache on the same
server. </para>
+ </step>
+ </procedure>
+ </task>
+ </section>
+ <section>
+ <title><remark>BZ#856430</remark>Configure the
platform</title>
+ <task>
+ <title>Configuring SSO configuration.properties for CAS</title>
+ <tasksummary>
+ <para>To prepare the portal platform for CAS authentication, SSO filters
and login modules need to be specified in global configuration files. The location of the
CAS server, as configured in a locally-running Apache Tomcat server, also needs to be
specified.</para>
+ </tasksummary>
+ <taskprerequisites>
+ <itemizedlist>
+ <listitem>
+ <para>
+ Set up the server to authenticate against the portal login module, as
described in <xref
linkend="sect-Reference_Guide-SSO_Single_Sign_On_-Enabling_SSO_using_JBoss_SSO_Valve"/>.
+<remark><-- NEEDINFO - 20121024 - need to check that this process is still
valid and correct based on EPP 6 changes. </remark> </para>
+ </listitem>
+ <listitem>
+ <para>Complete the task in <xref
linkend="sect-CAS_HTTPD_DIST"/></para>
+ </listitem>
+ <listitem>
+ <para>The platform is configured to run on the default host and port
(
http://localhost:8080)</para>
+ </listitem>
+ </itemizedlist>
+ </taskprerequisites>
+ <procedure>
+ <step>
+ <para>Open
<filename>EPP_DIST/standalone/configuration/gatein/configuration.properties</filename>,
and locate the SSO sections in the file.</para>
+ </step>
+ <step>
+ <para>Make the following changes to the file to declare the correct
login module, server and portal URLs, and the logout filter. Ensure <replaceable>
[portal.container.name]</replaceable> is replaced with the name of the portal
container used in production.</para>
+ <programlisting># SSO
+gatein.sso.enabled=true
+gatein.sso.callback.enabled=${gatein.sso.enabled}
+gatein.sso.login.module.enabled=${gatein.sso.enabled}
+gatein.sso.login.module.class=org.gatein.sso.agent.login.SSOLoginModule
+gatein.sso.server.url=http://localhost:8888/cas
+gatein.sso.portal.url=http://localhost:8080
+gatein.sso.filter.logout.class=org.gatein.sso.agent.filter.CASLogoutFilter
+gatein.sso.filter.logout.url=${gatein.sso.server.url}/logout
+gatein.sso.filter.login.sso.url=${gatein.sso.server.url}/login?service=${gatein.sso.portal.url}/@@<replaceable>[portal.container.name]</replaceable>@(a)/initiatessologin</programlisting>
+ </step>
+ </procedure>
+ </task>
+ </section>
+ <section>
+ <title>Modify CAS Server</title>
+ <para>
+ The CAS Server Plug-in makes secure callbacks to a RESTful service installed
on the remote &PRODUCT; server to authenticate a user.
</para>
- <note>
<para>
- To perform the final build step and complete these instructions you will
need the Apache Maven 2. Download it from <ulink
url="http://maven.apache.org/download.html" type="http"> here
</ulink> .
- </para>
- </note>
- <para>
- Change the default authentication handler with the one provided by JBoss
Enterprise Portal Platform.
+ In order for the plug-in to function correctly, it needs to be properly
configured to connect to this service. This configuration is controlled by the
<filename>cas.war/WEB-INF/deployerConfigContext.xml</filename> file.
</para>
- <para>
- The CAS Server Plug-in makes secure callbacks to a RESTful service installed
on the remote JBoss Enterprise Portal Platform server to authenticate a user.
+ <para>
+ Change the default authentication handler with the one provided by
&PRODUCT;.
</para>
- <para>
- In order for the plug-in to function correctly, it needs to be properly
configured to connect to this service. This configuration is controlled by the
<filename>cas.war/WEB-INF/deployerConfigContext.xml</filename> file.
- </para>
- <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Modifying_CAS_server">
- <title>Modifying CAS server</title>
- <step>
- <para>
- Open
<filename><replaceable>CAS_DIR</replaceable>/cas-server-webapp/src/main/webapp/WEB-INF/deployerConfigContext.xml</filename>
+ <para>
+<remark>NEEDINFO - 20121024 - Will a customer need to use Maven to modify the CAS
server, or are the files contained in GATEIN_SSO_HOME/cas/plugin/WEB-INF/lib/
</remark> To perform the final build step and complete these
instructions you will need the Apache Maven 2. Download it from <ulink
url="http://maven.apache.org/download.html" type="http"> here
</ulink> .
+ </para>
+ <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Modifying_CAS_server">
+ <title>Modifying CAS server</title>
+ <step>
+ <para>
+ Open
<filename><replaceable>CAS_DIR</replaceable>/webapps/cas/WEB-INF/deployerConfigContext.xml</filename>
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>Make the following changes to the directives in
<filename>deployerConfigContext.xml</filename>.</para>
+ <programlisting><!--<bean
+class="org.jasig.cas.authentication.handler.support.SimpleTestUsernamePasswordAuthenticationHandler"
/>
+-->
+<bean
class="org.gatein.sso.cas.plugin.AuthenticationPlugin">
+<property
name="gateInProtocol"><value>http</value></property>
+ <property
name="gateInHost"><value>localhost</value></property>
+ <property
name="gateInPort"><value>8080</value></property>
+ <property
name="gateInContext"><value>portal</value></property>
+<property
name="httpMethod"><value>POST</value></property>
+</bean></programlisting>
+ </step>
+<!--BZ#856430 - Removed these steps because they contain info not required according
to instructions provided my Marek P in attachment.--><!--<step>
+ <para>
Replace this code:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default102.xml"
parse="text"/></programlisting>
- <para>
+ <programlisting language="XML" role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default102.xml"
parse="text"/></programlisting>
+ <para>
with the following (ensure you set the host, port and context with
the values corresponding to your portal). The code is available for direct copy in the
<filename>PORTAL_SSO/cas/plugin/WEB-INF/deployerConfigContext.xml</filename>
file:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default103.xml"
parse="text"/></programlisting>
- </step>
- <step>
- <para>
+ <programlisting language="XML" role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default103.xml"
parse="text"/></programlisting>
+</step>--><!--<step>
+ <para>
Copy the following files into the
<filename><replaceable>CAS_DIR</replaceable>/cas-server-webapp/src/main/webapp/WEB-INF/lib</filename>
directory:</para>
- <itemizedlist>
- <listitem>
-
<para><filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/lib/sso-cas-plugin-<replaceable>VERSION</replaceable>.jar</filename></para>
- </listitem>
- <listitem>
-
<para><filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/lib/commons-httpclient-<replaceable>VERSION</replaceable>.jar</filename></para>
- </listitem>
- </itemizedlist>
- </step>
- <step>
- <para>
- If you have not already done so, download an instance of Tomcat and
extract it into a suitable location (which will be called <filename>
- <replaceable>HTTPD_DIST</replaceable>
- </filename> for these instructions).
- </para>
- </step>
- <step>
- <para>
- Edit
<filename><replaceable>HTTPD_DIST</replaceable>/conf/server.xml</filename>
and change the 8080 port to 8888 to avoid a conflict with the default JBoss Enterprise
Portal Platform.
- </para>
- <note>
- <para>
- If JBoss Enterprise Portal Platform is running on the same
machine as Tomcat other ports will need to be changed in addition to 8080 in order to
avoid conflicts. They can be changed to any free port. For example; you can change the
admin port from 8005 to 8805 and the AJP port from 8009 to 8809.
- </para>
- </note>
- </step>
- <step>
- <para>
+ <itemizedlist>
+ <listitem>
+
<para><filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/lib/sso-cas-plugin-<replaceable>VERSION</replaceable>.jar</filename></para>
+ </listitem>
+ <listitem>
+
<para><filename><replaceable>PORTAL_SSO</replaceable>/cas/plugin/WEB-INF/lib/commons-httpclient-<replaceable>VERSION</replaceable>.jar</filename></para>
+ </listitem>
+ </itemizedlist>
+</step>--><!--<step>
+ <para>
Navigate locally to the
<filename><replaceable>CAS_DIR</replaceable>/cas-server-webapp</filename>
directory and execute the following command:
</para>
- <programlisting>mvn install
+ <programlisting>mvn install
</programlisting>
- </step>
- <step>
- <para>
+</step>--><!--<step>
+ <para>
Copy the
<filename><replaceable>CAS_DIR</replaceable>/cas-server-webapp/target/cas.war</filename>
file into the <filename>HTTPD_DIST/webapps</filename> directory.
</para>
- <para>
+ <para>
Tomcat should start without issue and should be accessible at
<ulink url="http://localhost:8888/cas" type="http">
http://localhost:8888/cas </ulink> .
</para>
- <note>
- <para>
+ <note>
+ <para>
At this stage the login functionality will not be available.
</para>
- </note>
- <mediaobject>
- <imageobject>
- <imagedata width="444" scale="100"
fileref="images/AuthenticationAndIdentity/SSO/cas.png"
format="PNG"/>
- </imageobject>
- </mediaobject>
- </step>
- </procedure>
- <note>
- <para>
+ </note>
+ <mediaobject>
+ <imageobject>
+ <imagedata width="444" scale="100"
fileref="images/AuthenticationAndIdentity/SSO/cas.png"
format="PNG"/>
+ </imageobject>
+ </mediaobject>
+</step>--> </procedure>
+ <note>
+ <para>
On logout, the CAS server will display the CAS logout page with a link to
return to the portal. To make the CAS server redirect to the portal page after a logout,
modify the <filename>cas.war/WEB-INF/cas-servlet.xml</filename> to include the
follow line :
</para>
- <programlisting>
+ <programlisting>
<bean id="logoutController"
class="org.jasig.cas.web.LogoutController"
p:centralAuthenticationService-ref="centralAuthenticationService"
p:logoutView="casLogoutView"
@@ -453,19 +517,23 @@
p:ticketGrantingTicketCookieGenerator-ref="ticketGrantingTicketCookieGenerator"
p:followServiceRedirects="true"/>
</programlisting>
- </note>
- <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Setup_the_CAS_client">
- <title>Setup the CAS client</title>
- <step>
- <para>
- Copy all the libraries from the
<filename><replaceable>PORTAL_SSO</replaceable>/cas/gatein.ear/lib</filename>
directory into the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/default/deploy/gatein.ear/lib</filename>)
directory.
+ </note>
+ </section>
+ <section>
+ <title>Configure CAS client</title>
+ <para><remark>NEEDINFO - this section will need to be reviewed to
ensure it is still correct</remark></para>
+ <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Setup_the_CAS_client">
+ <title>Setup the CAS client</title>
+ <step>
+ <para>
+ Copy all the libraries from the
<filename><replaceable>PORTAL_SSO</replaceable>/cas/gatein.ear/lib</filename>
directory into the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/default/deploy/gatein.ear/lib</filename>)
directory<remark><-- what are the new file paths?</remark>.
</para>
- </step>
- <step>
- <para>
- Edit the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename>
file. In the file, first comment out or remove all <login-module> entries.
Then uncomment the following section:
+ </step>
+ <step>
+ <para>
+ Edit the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/META-INF/gatein-jboss-beans.xml</filename>
file. In the file, first comment out or remove all <login-module> entries.
Then uncomment the following section <remark><-- what are the new file
paths?</remark>:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default105.xml"
parse="text"/></programlisting>
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default105.xml"
parse="text"/></programlisting>
<!-- Removing as per
https://issues.jboss.org/browse/JBEPP-1350
<para>
In Tomcat, edit
<filename>GATEIN_HOME/conf/jaas.conf</filename>, uncomment on this section and
comment other parts:
@@ -475,61 +543,66 @@
portalContainerName=portal
realmName=gatein-domain;
</programlisting>
- --> </step>
- <step>
- <para>
+ --> </step>
+ <step>
+ <para>
The installation can be tested at this point (assuming the CAS server
on Tomcat is running):
</para>
- <procedure>
- <step>
- <para>
+ <procedure>
+ <step>
+ <para>
Start (or restart) JBoss Enterprise Portal Platform and
direct your web browser to <ulink url="http://localhost:8888/cas"
type="http">
http://localhost:8888/cas </ulink> .
</para>
- </step>
- <step>
- <para>
+ </step>
+ <step>
+ <para>
Login with the username <literal>root</literal>
and the password <literal>gtn</literal> (or any other account created through
the portal).
</para>
- </step>
- </procedure>
- </step>
- </procedure>
- <para>
- To utilize the Central Authentication Service, JBoss Enterprise Portal
Platform needs to redirect all user authentication to the CAS server.
+ </step>
+ </procedure>
+ </step>
+ </procedure>
+ </section>
+ <section>
+ <title>Redirect to CAS</title>
+ <para><remark>NEEDINFO - this section will need to be reviewed to
ensure it is still correct according to the changes in EPP 6</remark></para>
+ <para>
+ To utilize the Central Authentication Service, &PRODUCT; needs to
redirect all user authentication to the CAS server.
</para>
- <para>
- Information about where the CAS is hosted must be properly configured within
the JBoss Enterprise Portal Platform instance. The required configuration is done by
modifying three files.
+ <para>
+ Information about where the CAS is hosted must be properly configured within
the &PRODUCT; instance. The required configuration is done by modifying three files.
</para>
- <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Redirect_to_CAS">
- <title>Redirect to CAS</title>
- <step>
- <para>
- Modify the '<emphasis role="bold">Sign
In</emphasis>' link in the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename>
file as follows:
+ <procedure
id="proc-Reference_Guide-Central_Authentication_Service-Redirect_to_CAS">
+ <title>Redirect to CAS</title>
+ <step>
+ <para>
+ Modify the '<emphasis role="bold">Sign
In</emphasis>' link in the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml</filename>
file as follows <remark><-- what are the new file paths?</remark>:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default106.xml"
parse="text"/></programlisting>
- </step>
- <step>
- <para>
- Modify the '<emphasis role="bold">Sign
In</emphasis>' link in the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename>
file as follows:
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default106.xml"
parse="text"/></programlisting>
+ </step>
+ <step>
+ <para>
+ Modify the '<emphasis role="bold">Sign
In</emphasis>' link in the
<filename><replaceable>EPP_DIST</replaceable>/jboss-as/server/<replaceable>PROFILE</replaceable>/deploy/gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl</filename>
file as follows <remark><-- what are the new file paths?</remark>:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default107.xml"
parse="text"/></programlisting>
- </step>
- <step>
- <para>
- Replace the entire contents of
<filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with:
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default107.xml"
parse="text"/></programlisting>
+ </step>
+ <step>
+ <para>
+ Replace the entire contents of
<filename>gatein.ear/02portal.war/login/jsp/login.jsp</filename> with
<remark><-- what are the new file paths?</remark>:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default108.xml"
parse="text"/></programlisting>
- </step>
- <step>
- <para>
- Add the following Filters at the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>:
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default108.xml"
parse="text"/></programlisting>
+ </step>
+ <step>
+ <para>
+ Add the following Filters at the top of the filter chain in
<filename>gatein.ear/02portal.war/WEB-INF/web.xml</filename>
<remark><-- what are the new file paths?</remark>:
</para>
- <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default109.xml"
parse="text"/></programlisting>
- </step>
- </procedure>
- <para>
- Once these changes have been made, all links to the user authentication pages
will redirect to the CAS centralized authentication form and CAS can be used as an SSO
implementation in your portal.
+ <programlisting language="XML"
role="XML"><xi:include
xmlns:xi="http://www.w3.org/2001/XInclude"
href="../../extras/Authentication_Identity_SSO/default109.xml"
parse="text"/></programlisting>
+ </step>
+ </procedure>
+ <para>
+ Once these changes have been made, all links to the user authentication pages
will redirect to the CAS centralized authentication form and CAS can be used as an SSO
implementation in the portal.
</para>
+ </section>
</section>
<section
id="sect-Reference_Guide-SSO_Single_Sign_On_-Java_Open_Single_Sign_On_Project">
<title>Java Open Single Sign-On Project</title>