[JBoss JIRA] Created: (GTNPORTAL-991) GateIn+SSO integration: Documentation issues
by Marek Posolda (JIRA)
GateIn+SSO integration: Documentation issues
--------------------------------------------
Key: GTNPORTAL-991
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-991
Project: GateIn Portal
Issue Type: Bug
Security Level: Public (Everyone can see)
Components: Documentation
Affects Versions: 3.0.0-GA
Environment: GateIn-3.0.0-GA with JBoss 5.1.0,
Reference guide - chapter 3 (SSO - Single Sign On). I used reference guide built from trunk (revision 2305)
Reporter: Marek Posolda
Assignee: Luc Texier
After some fight, I did successfull manual integration of GateIn-3.0.0-GA with CAS, JOSSO and OpenSSO. I did integration with GateIn+JBoss 5.1 and particular SSO framework on Tomcat 6.0.18.
I used instructions in reference guide but I need to do couple of additional steps to complete successfull integration (I mean that all things are not mentioned in referemce guide). I also founded some other problems in reference guide so I am attaching all founded problems and potential confusions in document in attachement.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
15 years, 11 months
[JBoss JIRA] Created: (GTNPORTAL-995) OpenSSO integration issues
by Marek Posolda (JIRA)
OpenSSO integration issues
--------------------------
Key: GTNPORTAL-995
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-995
Project: GateIn Portal
Issue Type: Sub-task
Security Level: Public (Everyone can see)
Components: Documentation
Affects Versions: 3.0.0-GA
Environment: GateIn-3.0.0-GA + JBoss 5.1 bundle,
OpenSSO 8.0 on Tomcat 6.0.18, OpenSSO 8.0-Update1 on Tomcat 6.0.18 ( I tried both),
Reporter: Marek Posolda
Assignee: Luc Texier
OpenSSO integration was most problematic and I was not able to integrate without doing any additional steps in my environment.
So here it is. I did this in clean environment:
- I deployed OpenSSO 8.0-update1 to Tomcat 6.0.18,
- I did all instructions in reference guide - section 3.4
- I created "Default configuration" when I first accessed http://localhost:8888/opensso
Even if I did this I didn't have gatein realm in my OpenSSO and I was not able to use authentication module called „AuthenticationPlugin" which is used to GateIn authentication. So I also did these steps:
1) Login to OpenSSO as amadmin and then go to tab "Configuration" -> tab "Authentication" -> link "Core" -> add new value and I fill the class "org.gatein.sso.opensso.plugin.AuthenticationPlugin". This step is really important. Without it is AuthenticationPlugin not available among other OpenSSO authentication modules.
2) Go to tab "Access control" and create new realm called "gatein".
3) Go to my gatein realm and click to tab "Authentication". And click to "ldapService" at the bottom of the page in section Authentication chaining. Then I change "Datastore", which is default module in authentication chain, to "AuthenticationPlugin". This enable authentication of realm "gatein" with GateIn REST service and not with OpenSSO LDAP server.
4) In authentication of realm "gatein" - I went to "Advanced properties" and I changed UserProfile from "Required" to "Dynamic". This step is needed because gatein users are not in OpenSSO Datastore (LDAP server) and so their profile can't be obtained if "Required" is active. With using of "Dynamic" are all authenticated users automatically created to OpenSSO datastore after successfull authentication.
5) User privileges needs to be increased in OpenSSO. Otherwise method org.gatein.sso.agent.opensso.OpenSSOAgent.getSubject will fail in GateIn when obtaining data from OpenSSO RESTful interface due to insufficient privileges.
So in OpenSSO console, I went to "Access control" -> Top level realm -> "Privileges" tab -> All authenticated users -> Check last two checkboxes:
- Read and write access only for policy properties
- Read and write access to all realm and policy properties
I did the same for both top level realm and gatein realm.
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
15 years, 11 months
[JBoss JIRA] Created: (GTNPORTAL-994) JOSSO integration - documentation issues
by Marek Posolda (JIRA)
JOSSO integration - documentation issues
----------------------------------------
Key: GTNPORTAL-994
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-994
Project: GateIn Portal
Issue Type: Sub-task
Security Level: Public (Everyone can see)
Components: Documentation
Affects Versions: 3.0.0-GA
Environment: GateIn 3.0.0-GA+JBoss 5.1 bundle (8080 used for HTTP port),
JOSSO-1.8.1+Tomcat-6.0.20 bundle (8888 used for HTTP port),
reference guide from trunk (revision 2305)
Reporter: Marek Posolda
Assignee: Luc Texier
1) Reference guide (Section 3.3 - JOSSO) - In second sentence is said: "Details about OpenSSO can be found <link>here</link>." There are two issues in this sentence. First is that it should talk about JOSSO and not OpenSSO. Second is that link references CAS page ( http://www.ja-sig.org/products/cas/ ) but it should reference JOSSO page.
2) Section 3.3.2 (Setup the JOSSO client) - here is not mentioned that file $GATEIN_SSO/josso/gatein.ear/portal.war/WEB-INF/classes/josso-agent-config.xml needs to be also copied into GateIn (attention to portal.war which is named '02portal.war' in GateIn environment)
3) Section 3.3.2 - point 1 - small typo in "GATEIN_SS)/josso/gatein.ear/lib". Should be GATEIN_SSO
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
15 years, 11 months
[JBoss JIRA] Created: (GTNPORTAL-993) CAS integration - documentation issues
by Marek Posolda (JIRA)
CAS integration - documentation issues
--------------------------------------
Key: GTNPORTAL-993
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-993
Project: GateIn Portal
Issue Type: Sub-task
Security Level: Public (Everyone can see)
Components: Documentation
Affects Versions: 3.0.0-GA
Environment: GateIn-3.0.0-GA+JBoss 5.1 bundle (port 8080 for HTTP),
CAS 3.3.5 deployed on Tomcat 6.0.18 (port 8888 for HTTP),
Reference guide from trunk (revision 2305)
Reporter: Marek Posolda
Assignee: Luc Texier
Priority: Minor
1) Reference guide (Section 3.2.1.2 - Modifying CAS server , point 5). Here is mentioned that conflict can be on ports 8080 and 8005. But AJP port 8009 is not mentioned here even if this also needs to be changed or commented. I changed it to 8889 in my environment. (This is only detail. )
2) Reference guide (Section 3.2.2 point 3) - Here can be mentioned that GateIn needs to be started to test login into CAS (this is also only detail).
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
15 years, 11 months
[JBoss JIRA] Created: (GTNPORTAL-992) Generic SSO documentation issues
by Marek Posolda (JIRA)
Generic SSO documentation issues
--------------------------------
Key: GTNPORTAL-992
URL: https://jira.jboss.org/jira/browse/GTNPORTAL-992
Project: GateIn Portal
Issue Type: Sub-task
Security Level: Public (Everyone can see)
Components: Documentation
Affects Versions: 3.0.0-GA
Environment: GateIn-3.0.0-GA+JBoss 5.1 bundle,
Reference guide from trunk (revision 2305)
Reporter: Marek Posolda
Assignee: Luc Texier
1) Exact versions of SSO frameworks are not specified in reference guide, which seems to be potential problem. Because format of particular SSO framework or his configuration files can be changed and then integration with GateIn won't be successfull. For example: I did successfull integration with JOSSO-1.8.1+tomcat bundle. But latest version to download from http://sourceforge.net/projects/josso/files/ is JOSSO version 1.8.2-rev1573 and I felt into problems when I tried to integrate with this version.
2) In reference guide (section 3.1.1 - prerequisisities) is mentioned variable SSO_HOME where are unzipped GateIn sso libs. But in later text in reference guide is this variable referenced as GATEIN_SSO. This can be potential confusion which can be seen for example in this forum https://community.jboss.org/thread/148332?tstart=0
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://jira.jboss.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
15 years, 11 months