11:18 a.m.
Marek Posolda created GTNPORTAL-2698:
----------------------------------------
Summary: Check CustomMembershipLoginModule and make it work on latest GateIn
Key: GTNPORTAL-2698
URL: https://issues.jboss.org/browse/GTNPORTAL-2698
Project: GateIn Portal
Issue Type: Task
Security Level: Public (Everyone can see)
Affects Versions: 3.5.0.Beta01
Reporter: Marek Posolda
Assignee: Marek Posolda
Fix For: 3.5.0.Beta02
It will likely won't work due to authentication changes. Some changes in code would be
probably needed to make it work again.
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:27 p.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2698?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-2698:
-------------------------------------------
Fix Version/s: 3.5.0.Final
(was: 3.5.0.Beta02)
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
3:28 a.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2698?page=com.atlassian.jira.pl...
]
Marek Posolda updated GTNPORTAL-2698:
-------------------------------------
Status: Pull Request Sent (was: Open)
Git Pull Request: https://github.com/gatein/gatein-portal/pull/269
Added InitSharedStateLoginModule, which can be used in chain with SharedStateLoginModule
and CustomMembershipLoginModule. Both InitSharedStateLoginModule and
SharedStateLoginModule will ensure that Identity is in shared state before
CustomMembershipLoginModule will be executed, so it can reuse identity and add additional
membership.
So for using CustomMembershipLoginModule with non-sso flow, LM chain can be configured in
JBoss AS7 standalone.xml like this:
{code}
<security-domain name="gatein-domain"
cache-type="default">
<authentication>
<login-module
code="org.exoplatform.web.security.InitSharedStateLoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
</login-module>
<login-module
code="org.exoplatform.services.security.jaas.SharedStateLoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
</login-module>
<login-module
code="org.exoplatform.services.organization.idm.CustomMembershipLoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
<module-option name="membershipType" value="member" />
<module-option name="groupId" value="/platform/users" />
</login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JBossAS7LoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
</login-module>
</authentication>
</security-domain>
{code}
For SSO case, it's sufficient to add CustomMembershipLoginModule after
SSODelegateLoginModule (SSODelegateLoginModule is used by establish identity into shared
state during SSO flow)
{code}
<security-domain name="gatein-domain"
cache-type="default">
<authentication>
<login-module
code="org.gatein.sso.integration.SSODelegateLoginModule"
flag="required">
<module-option name="enabled"
value="${gatein.sso.login.module.enabled}" />
<module-option name="delegateClassName"
value="${gatein.sso.login.module.class}" />
<module-option name="portalContainerName"
value="portal" />
<module-option name="realmName"
value="gatein-domain" />
<module-option name="password-stacking"
value="useFirstPass" />
</login-module>
<login-module
code="org.exoplatform.services.organization.idm.CustomMembershipLoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
<module-option name="membershipType" value="member" />
<module-option name="groupId" value="/platform" />
</login-module>
<login-module
code="org.exoplatform.services.security.j2ee.JBossAS7LoginModule"
flag="required">
<module-option name="portalContainerName"
value="portal"/>
<module-option name="realmName"
value="gatein-domain"/>
</login-module>
</authentication>
</security-domain>
{code}
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
8:06 a.m.
[
https://issues.jboss.org/browse/GTNPORTAL-2698?page=com.atlassian.jira.pl...
]
Boleslaw Dawidowicz updated GTNPORTAL-2698:
-------------------------------------------
Status: Resolved (was: Pull Request Sent)
Resolution: Done
--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira
4523
days inactive
4539
days old
3 comments
2 participants
participants (2)
-
Boleslaw Dawidowicz (JIRA) -
Marek Posolda (JIRA)