JBoss Portal SVN: r8164 - trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2007-09-04 22:14:32 -0400 (Tue, 04 Sep 2007)
New Revision: 8164
Modified:
trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml
Log:
- JBPORTAL-1657: Fixed issue with empty parent name (root case).
Modified: trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml
===================================================================
--- trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml 2007-09-05 02:14:20 UTC (rev 8163)
+++ trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml 2007-09-05 02:14:32 UTC (rev 8164)
@@ -15,13 +15,15 @@
<h3>Delete <h:outputText value="#{portalobjectmgr.selectedObjectType}"/></h3>
<p class="portlet-msg-alert">WARNING! You are about to delete the
- <h:outputText value=" #{portalobjectmgr.selectedObject.name} "/>
- <h:outputText value="#{portalobjectmgr.selectedObject.typeName}"/> from the
- <h:outputText value=" #{portalobjectmgr.selectedObjectParent.name} "/>
- <h:outputText value="#{portalobjectmgr.selectedObjectParent.typeName}"/>!</p>
+ <span class="objectName">#{portalobjectmgr.selectedObject.name}</span>
+ #{portalobjectmgr.selectedObject.typeName} from the
+ <c:if test="#{not empty portalobjectmgr.selectedObjectParent.name}">
+ <span class="objectName">#{portalobjectmgr.selectedObjectParent.name}</span>
+ </c:if>
+ #{portalobjectmgr.selectedObjectParent.typeName}!
+ </p>
- <p class="portlet-class">Are you sure you want to delete this
- <h:outputText value="#{portalobjectmgr.selectedObjectType}"/>?</p>
+ <p class="portlet-class">Are you sure you want to delete this #{portalobjectmgr.selectedObjectType}?</p>
<h:form>
<h:commandButton value="Delete" action="objects" actionListener="#{portalobjectmgr.destroyObject}"
@@ -36,4 +38,4 @@
</ui:composition>
-</div>
+</div>
\ No newline at end of file
18 years, 8 months
JBoss Portal SVN: r8163 - branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2007-09-04 22:14:20 -0400 (Tue, 04 Sep 2007)
New Revision: 8163
Modified:
branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml
Log:
- JBPORTAL-1657: Fixed issue with empty parent name (root case).
Modified: branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml 2007-09-05 02:12:36 UTC (rev 8162)
+++ branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/common/confirm.xhtml 2007-09-05 02:14:20 UTC (rev 8163)
@@ -15,13 +15,15 @@
<h3>Delete <h:outputText value="#{portalobjectmgr.selectedObjectType}"/></h3>
<p class="portlet-msg-alert">WARNING! You are about to delete the
- <h:outputText value=" #{portalobjectmgr.selectedObject.name} "/>
- <h:outputText value="#{portalobjectmgr.selectedObject.typeName}"/> from the
- <h:outputText value=" #{portalobjectmgr.selectedObjectParent.name} "/>
- <h:outputText value="#{portalobjectmgr.selectedObjectParent.typeName}"/>!</p>
+ <span class="objectName">#{portalobjectmgr.selectedObject.name}</span>
+ #{portalobjectmgr.selectedObject.typeName} from the
+ <c:if test="#{not empty portalobjectmgr.selectedObjectParent.name}">
+ <span class="objectName">#{portalobjectmgr.selectedObjectParent.name}</span>
+ </c:if>
+ #{portalobjectmgr.selectedObjectParent.typeName}!
+ </p>
- <p class="portlet-class">Are you sure you want to delete this
- <h:outputText value="#{portalobjectmgr.selectedObjectType}"/>?</p>
+ <p class="portlet-class">Are you sure you want to delete this #{portalobjectmgr.selectedObjectType}?</p>
<h:form>
<h:commandButton value="Delete" action="objects" actionListener="#{portalobjectmgr.destroyObject}"
18 years, 8 months
JBoss Portal SVN: r8162 - trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2007-09-04 22:12:36 -0400 (Tue, 04 Sep 2007)
New Revision: 8162
Modified:
trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml
Log:
- JBPORTAL-1657: Updated instance deletion confirmation page.
Modified: trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml
===================================================================
--- trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml 2007-09-05 02:12:23 UTC (rev 8161)
+++ trunk/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml 2007-09-05 02:12:36 UTC (rev 8162)
@@ -6,17 +6,40 @@
xmlns:jbp="http://www.jboss.org/portal"
xmlns:c="http://java.sun.com/jstl/core"
class="admin-ui">
-
- <p class="portlet-msg-alert">WARNING ! You are about to delete the following portlet instance:</p>
- <h:outputText value="#{instancemgr.selectedInstance.id}"/>
-
- <p class="portlet-class">Are you sure ?</p>
-
- <h:form>
- <h:commandButton value="Yes" action="instances" actionListener="#{instancemgr.deleteInstance}" styleClass="portlet-form-button">
- <f:attribute name="instanceId" value="#{instancemgr.selectedInstance.id}"/>
- </h:commandButton>
- <h:commandButton value="No" action="instances" actionListener="objects" styleClass="portlet-form-button"/>
- </h:form>
+ <ui:composition template="instancesTemplate.xhtml">
+ <ui:define name="content">
+
+ <h:form>
+ <ul class="objectpath">
+ <li>
+ <h:commandLink action="instances">Portlet Instances</h:commandLink>
+ </li>
+ <li>></li>
+ <li class="selected">
+ <span class="objectName">#{instancemgr.selectedInstance.id}</span> instance Delete
+ </li>
+ </ul>
+ </h:form>
+ <br/>
+
+ <h3>Delete <span class="objectName">#{instancemgr.selectedInstance.id}</span></h3>
+
+ <p class="portlet-msg-alert">WARNING! You are about to delete the
+ <span class="objectName">#{instancemgr.selectedInstance.id}</span> portlet instance causing windows
+ referencing it to not be able to display their content anymore.
+ </p>
+
+ <p class="portlet-class">Are you sure you want to delete this portlet instance?</p>
+
+ <h:form>
+ <h:commandButton value="Delete" action="instances" actionListener="#{instancemgr.deleteInstance}"
+ styleClass="portlet-form-button">
+ <f:attribute name="instanceId" value="#{instancemgr.selectedInstance.id}"/>
+ </h:commandButton>
+ <h:commandButton value="Cancel" action="instances" actionListener="objects"
+ styleClass="portlet-form-button"/>
+ </h:form>
+ </ui:define>
+ </ui:composition>
</div>
\ No newline at end of file
18 years, 8 months
JBoss Portal SVN: r8161 - branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf.
by portal-commits@lists.jboss.org
Author: chris.laprun(a)jboss.com
Date: 2007-09-04 22:12:23 -0400 (Tue, 04 Sep 2007)
New Revision: 8161
Modified:
branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml
Log:
- JBPORTAL-1657: Updated instance deletion confirmation page.
Modified: branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml
===================================================================
--- branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml 2007-09-05 02:05:06 UTC (rev 8160)
+++ branches/JBoss_Portal_Branch_2_6/core-admin/src/resources/portal-admin-war/WEB-INF/jsf/confirmDeleteInstance.xhtml 2007-09-05 02:12:23 UTC (rev 8161)
@@ -6,17 +6,40 @@
xmlns:jbp="http://www.jboss.org/portal"
xmlns:c="http://java.sun.com/jstl/core"
class="admin-ui">
-
- <p class="portlet-msg-alert">WARNING ! You are about to delete the following portlet instance:</p>
- <h:outputText value="#{instancemgr.selectedInstance.id}"/>
-
- <p class="portlet-class">Are you sure ?</p>
-
- <h:form>
- <h:commandButton value="Yes" action="instances" actionListener="#{instancemgr.deleteInstance}" styleClass="portlet-form-button">
- <f:attribute name="instanceId" value="#{instancemgr.selectedInstance.id}"/>
- </h:commandButton>
- <h:commandButton value="No" action="instances" actionListener="objects" styleClass="portlet-form-button"/>
- </h:form>
+ <ui:composition template="instancesTemplate.xhtml">
+ <ui:define name="content">
+
+ <h:form>
+ <ul class="objectpath">
+ <li>
+ <h:commandLink action="instances">Portlet Instances</h:commandLink>
+ </li>
+ <li>></li>
+ <li class="selected">
+ <span class="objectName">#{instancemgr.selectedInstance.id}</span> instance Delete
+ </li>
+ </ul>
+ </h:form>
+ <br/>
+
+ <h3>Delete <span class="objectName">#{instancemgr.selectedInstance.id}</span></h3>
+
+ <p class="portlet-msg-alert">WARNING! You are about to delete the
+ <span class="objectName">#{instancemgr.selectedInstance.id}</span> portlet instance causing windows
+ referencing it to not be able to display their content anymore.
+ </p>
+
+ <p class="portlet-class">Are you sure you want to delete this portlet instance?</p>
+
+ <h:form>
+ <h:commandButton value="Delete" action="instances" actionListener="#{instancemgr.deleteInstance}"
+ styleClass="portlet-form-button">
+ <f:attribute name="instanceId" value="#{instancemgr.selectedInstance.id}"/>
+ </h:commandButton>
+ <h:commandButton value="Cancel" action="instances" actionListener="objects"
+ styleClass="portlet-form-button"/>
+ </h:form>
+ </ui:define>
+ </ui:composition>
</div>
\ No newline at end of file
18 years, 8 months
JBoss Portal SVN: r8160 - trunk/cms/src/main/org/jboss/portal/cms/security.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2007-09-04 22:05:06 -0400 (Tue, 04 Sep 2007)
New Revision: 8160
Modified:
trunk/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
Log:
JBPORTAL-1499 - CMSAdminPortlet should use Users/Roles Module and not direct HQL query
Modified: trunk/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
===================================================================
--- trunk/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2007-09-05 01:51:33 UTC (rev 8159)
+++ trunk/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2007-09-05 02:05:06 UTC (rev 8160)
@@ -37,7 +37,7 @@
import org.jboss.portal.identity.Role;
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.AnonymousRole;
-import org.jboss.portal.identity.ldap.LDAPUserModule;
+import org.jboss.portal.identity.db.HibernateUserModuleImpl;
import org.jboss.portal.jems.as.system.AbstractJBossService;
import org.jboss.portal.security.spi.provider.DomainConfigurator;
@@ -342,7 +342,7 @@
userQuery.setCacheable(true);
permissions.addAll(userQuery.list());
- if(!(this.userModule instanceof LDAPUserModule))
+ if(this.userModule instanceof HibernateUserModuleImpl)
{
//in case of a database version, use the cache optmized way to lookup the permissions
String lookupByRole = "SELECT p.* from jbp_cms_perm p,jbp_cms_perm_role r,jbp_role_membership m,jbp_roles roles,jbp_users users WHERE " +
18 years, 8 months
JBoss Portal SVN: r8159 - branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/security.
by portal-commits@lists.jboss.org
Author: sohil.shah(a)jboss.com
Date: 2007-09-04 21:51:33 -0400 (Tue, 04 Sep 2007)
New Revision: 8159
Modified:
branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
Log:
JBPORTAL-1499 - CMSAdminPortlet should use Users/Roles Module and not direct HQL query
Modified: branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java
===================================================================
--- branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2007-09-04 22:24:54 UTC (rev 8158)
+++ branches/JBoss_Portal_Branch_2_6/cms/src/main/org/jboss/portal/cms/security/AuthorizationProviderImpl.java 2007-09-05 01:51:33 UTC (rev 8159)
@@ -37,7 +37,7 @@
import org.jboss.portal.identity.Role;
import org.jboss.portal.identity.User;
import org.jboss.portal.identity.AnonymousRole;
-import org.jboss.portal.identity.ldap.LDAPUserModule;
+import org.jboss.portal.identity.db.HibernateUserModuleImpl;
import org.jboss.portal.jems.as.system.AbstractJBossService;
import org.jboss.portal.security.spi.provider.DomainConfigurator;
@@ -342,7 +342,7 @@
userQuery.setCacheable(true);
permissions.addAll(userQuery.list());
- if(!(this.userModule instanceof LDAPUserModule))
+ if(this.userModule instanceof HibernateUserModuleImpl)
{
//in case of a database version, use the cache optmized way to lookup the permissions
String lookupByRole = "SELECT p.* from jbp_cms_perm p,jbp_cms_perm_role r,jbp_role_membership m,jbp_roles roles,jbp_users users WHERE " +
18 years, 8 months
JBoss Portal SVN: r8158 - docs/trunk/referenceGuide/en/modules.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2007-09-04 18:24:54 -0400 (Tue, 04 Sep 2007)
New Revision: 8158
Modified:
docs/trunk/referenceGuide/en/modules/sso.xml
Log:
JOSSO integration doc correction
Modified: docs/trunk/referenceGuide/en/modules/sso.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/sso.xml 2007-09-04 22:24:17 UTC (rev 8157)
+++ docs/trunk/referenceGuide/en/modules/sso.xml 2007-09-04 22:24:54 UTC (rev 8158)
@@ -380,16 +380,25 @@
<emphasis>Credential Store: </emphasis>
<programlisting>
<![CDATA[
+<!-- Basic Authentication Scheme -->
<authentication-scheme>
- <name>basic-authentication</name>
+ <name>basic-authentication</name>
+ <class>org.josso.auth.scheme.BindUsernamePasswordAuthScheme</class>
- ...
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <credential-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </credential-store>
- <credential-store>
- <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
- </credential-store>
- ...
+ <!-- ================================================= -->
+ <!-- Credential Store Key adapter -->
+ <!-- ================================================= -->
+ <credential-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </credential-store-key-adapter>
</authentication-scheme>
]]>
@@ -401,15 +410,23 @@
<![CDATA[
<sso-identity-manager>
- ...
+ <class>org.josso.gateway.identity.service.SSOIdentityManagerImpl</class>
- <sso-identity-store>
- <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
- </sso-identity-store>
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <sso-identity-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </sso-identity-store>
- ...
+ <!-- ================================================= -->
+ <!-- Identity Store Key adapter -->
+ <!-- ================================================= -->
+ <sso-identity-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </sso-identity-store-key-adapter>
-</sso-identity-manager>
+</sso-identity-manager>
]]>
</programlisting>
</listitem>
18 years, 8 months
JBoss Portal SVN: r8157 - docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2007-09-04 18:24:17 -0400 (Tue, 04 Sep 2007)
New Revision: 8157
Modified:
docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml
Log:
JOSSO integration doc correction
Modified: docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml
===================================================================
--- docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml 2007-09-04 21:54:46 UTC (rev 8156)
+++ docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml 2007-09-04 22:24:17 UTC (rev 8157)
@@ -380,16 +380,25 @@
<emphasis>Credential Store: </emphasis>
<programlisting>
<![CDATA[
+<!-- Basic Authentication Scheme -->
<authentication-scheme>
- <name>basic-authentication</name>
+ <name>basic-authentication</name>
+ <class>org.josso.auth.scheme.BindUsernamePasswordAuthScheme</class>
- ...
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <credential-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </credential-store>
- <credential-store>
- <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
- </credential-store>
- ...
+ <!-- ================================================= -->
+ <!-- Credential Store Key adapter -->
+ <!-- ================================================= -->
+ <credential-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </credential-store-key-adapter>
</authentication-scheme>
]]>
@@ -401,15 +410,23 @@
<![CDATA[
<sso-identity-manager>
- ...
+ <class>org.josso.gateway.identity.service.SSOIdentityManagerImpl</class>
- <sso-identity-store>
- <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
- </sso-identity-store>
+ <!-- ================================================= -->
+ <!-- JBoss Portal Credential Store -->
+ <!-- ================================================= -->
+ <sso-identity-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </sso-identity-store>
- ...
+ <!-- ================================================= -->
+ <!-- Identity Store Key adapter -->
+ <!-- ================================================= -->
+ <sso-identity-store-key-adapter>
+ <class>org.josso.gateway.identity.service.store.SimpleIdentityStoreKeyAdapter</class>
+ </sso-identity-store-key-adapter>
-</sso-identity-manager>
+</sso-identity-manager>
]]>
</programlisting>
</listitem>
18 years, 8 months
JBoss Portal SVN: r8156 - docs/trunk/referenceGuide/en/modules.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2007-09-04 17:54:46 -0400 (Tue, 04 Sep 2007)
New Revision: 8156
Modified:
docs/trunk/referenceGuide/en/modules/sso.xml
Log:
JOSSO integration doc
Modified: docs/trunk/referenceGuide/en/modules/sso.xml
===================================================================
--- docs/trunk/referenceGuide/en/modules/sso.xml 2007-09-04 21:51:32 UTC (rev 8155)
+++ docs/trunk/referenceGuide/en/modules/sso.xml 2007-09-04 21:54:46 UTC (rev 8156)
@@ -89,16 +89,16 @@
</security-role>]]>
</programlisting>
<para>This will secure <emphasis>jmx-console</emphasis> web application using BASIC browser authentication and restrict access for
- users with <emphasis>Admin</emphasis> role only.</para>
+ users with <emphasis>Admin</emphasis> role only.</para>
</listitem>
<listitem>
<para>
Edit <emphasis>$JBOSS_HOME/server/default/conf/props/jmx-console-roles.properties</emphasis> file and make it contain:
</para>
- <programlisting>
- <![CDATA[
+ <programlisting>
+ <![CDATA[
admin=JBossAdmin,HttpInvoker,Admin]]>
- </programlisting>
+ </programlisting>
<para>
This file is a simple identity store for this web application authentication. It will make user <emphasis>admin</emphasis> belongs to <emphasis>Admin</emphasis> role.
</para>
@@ -130,7 +130,7 @@
Edit <emphasis>$JBOSS_HOME/server/default/deploy/jbossweb-tomcat55.sar/server.xml</emphasis> file and uncomment
following line:
<programlisting>
- <![CDATA[
+ <![CDATA[
<Valve className=’org.apache.catalina.authenticator.SingleSignOn’/>]]>
</programlisting>
</para>
@@ -144,14 +144,14 @@
be asked for credentials when accessing <emphasis>jmx-console</emphasis>. This should work in both directions.
</para>
<note>Please note that in this example <emphasis>jmx-console</emphasis> uses <emphasis>BASIC</emphasis> authentication method.
- This means that user credentials are cached on the client side by browser and passed on each request. Once authenticated to clear
- authentication cache you may need to restart browser.</note>
+ This means that user credentials are cached on the client side by browser and passed on each request. Once authenticated to clear
+ authentication cache you may need to restart browser.</note>
</sect2>
</sect1>
<sect1>
- <title>CAS - Central Authentication Service</title>
- <para>This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework.
- Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink></para>
+ <title>CAS - Central Authentication Service</title>
+ <para>This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework.
+ Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink></para>
<sect2>
<title>Integration steps</title>
<note>The steps below assume that CAS server and JBoss Portal will be deployed on the same JBoss Application Server instance.
@@ -159,15 +159,20 @@
sligtly different for other deployment scenarios. Both JBoss Portal and CAS will need to be configured to authenticate against
same database or LDAP server. Please see CAS documentation to learn how to setup it up against proper identity store.</note>
<note>Configuration below assumes that JBoss Application Server is HTTPS enabled and operates on standard ports: 80 (for HTTP) and 443 (for HTTPS).</note>
- <para>
- <orderedlist>
- <listitem>
- Install CAS server (v 3.0.7). This should be as simple as deploying single <emphasis>cas.war</emphasis> file.
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
- by uncommenting following lines:
- <programlisting>
+
+ <orderedlist>
+ <listitem>
+ Install CAS server (v 3.0.7). This should be as simple as deploying single <emphasis>cas.war</emphasis> file.
+ </listitem>
+ <listitem>
+ Copy <emphasis>portal-identity-lib.jar</emphasis> and <emphasis>portal-identity-sso-lib.jar</emphasis> files from
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
+ <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib</emphasis>.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
+ by uncommenting following lines:
+ <programlisting>
<![CDATA[
<Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"
casLogin="https://localhost/cas/login"
@@ -176,31 +181,31 @@
authType="FORM"
/>
]]>
- </programlisting>
- Update valve options as follow:
- <itemizedlist>
- <listitem>
- <emphasis>casLogin: </emphasis> URL of your CAS Authentication Server
- </listitem>
- <listitem>
- <emphasis>casValidate: </emphasis> URL of your CAS Authentication Server validation service
- </listitem>
- <listitem>
- <emphasis>casServerName:</emphasis> the hostname:port combination of your CAS Authentication Server
- </listitem>
- </itemizedlist>
- <note>CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here</note>
- </listitem>
- <listitem>
- Copy <emphasis>casclient.jar</emphasis> into <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis>.
- You can download this file from CAS homepage or from JBoss repository under <emphasis>http://repository.jboss.com/cas/3.0.7/lib/</emphasis>
- <note>The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production
- level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue,
- you can use <emphasis>casclient-lenient.jar</emphasis> instead.</note>
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
- <programlisting>
+ </programlisting>
+ Update valve options as follow:
+ <itemizedlist>
+ <listitem>
+ <emphasis>casLogin: </emphasis> URL of your CAS Authentication Server
+ </listitem>
+ <listitem>
+ <emphasis>casValidate: </emphasis> URL of your CAS Authentication Server validation service
+ </listitem>
+ <listitem>
+ <emphasis>casServerName:</emphasis> the hostname:port combination of your CAS Authentication Server
+ </listitem>
+ </itemizedlist>
+ <note>CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here</note>
+ </listitem>
+ <listitem>
+ Copy <emphasis>casclient.jar</emphasis> into <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis>.
+ You can download this file from CAS homepage or from JBoss repository under <emphasis>http://repository.jboss.com/cas/3.0.7/lib/</emphasis>
+ <note>The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production
+ level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue,
+ you can use <emphasis>casclient-lenient.jar</emphasis> instead.</note>
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
+ <programlisting>
<![CDATA[
<mbean
code="org.jboss.portal.identity.sso.cas.CASAuthenticationService"
@@ -212,22 +217,22 @@
<attribute name="HavingRole"></attribute>
</mbean>
]]>
- </programlisting>
- This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same
- application server instance. This AuthenticationHandler will be enabled in next 2 steps.
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml</emphasis> and add following line in the
- <emphasis>authenticationHandlers</emphasis> section:
- <programlisting>
+ </programlisting>
+ This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same
+ application server instance. This AuthenticationHandler will be enabled in next 2 steps.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml</emphasis> and add following line in the
+ <emphasis>authenticationHandlers</emphasis> section:
+ <programlisting>
<![CDATA[
<bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" />
]]>
- </programlisting>
- This can replace default <emphasis>SimpleTestUsernamePasswordAuthenticationHandler</emphasis> so whole part of this config file can look
- as follows:
+ </programlisting>
+ This can replace default <emphasis>SimpleTestUsernamePasswordAuthenticationHandler</emphasis> so whole part of this config file can look
+ as follows:
- <programlisting>
+ <programlisting>
<![CDATA[
<property name="authenticationHandlers">
<list>
@@ -253,13 +258,163 @@
</list>
</property>
]]>
+ </programlisting>
+ </listitem>
+ </orderedlist>
+ <para>
+ To test the integration:
+ <itemizedlist>
+ <listitem>Go to your portal. Typically, http://localhost:8080/portal</listitem>
+ <listitem>Click on the "Login" link on the main portal page</listitem>
+ <listitem>This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen</listitem>
+ <listitem>Input your portal username and password. For built-in portal login try user:user or admin:admin</listitem>
+ <listitem>If login is successfull, you should be redirected back to the portal with the appropriate user logged in</listitem>
+ </itemizedlist>
+ </para>
+ </sect2>
+ </sect1>
+ <sect1>
+ <title>JOSSO - Java Open Single SignOn</title>
+ <para>JBoss Portal enables seamless integration with JOSSO server. More details on JOSSO can be found
+ <ulink url="http://www.josso.org/">here</ulink></para>
+ <note>The steps below assume that JOSS server and JBoss Portal will be deployed on the same JBoss Application Server instance.
+ JOSSO will be configured to leverage identity services exposed by JBoss Portal to perform authentication. Procedure may be
+ sligtly different for other deployment scenarios. Both JBoss Portal and JOSSO will need to be configured to authenticate against
+ same database or LDAP server. Please see JOSSO documentation to learn how to setup it up against proper identity store.</note>
+ <note>Configuration below assumes that JOSSO is already installed and deployed in the JBoss Application Server. This involves adding proper jar files
+ into the classpath and altering several configuration files (adding tomcat valves, security realm and specific JOSSO configuration files).
+ For JBoss setup please refer to JOSSO <ulink url="http://www.josso.org/jboss4-howto.html">documentation</ulink></note>
+ <sect2>
+ <title>Integration steps</title>
+
+ <para>
+ <orderedlist>
+ <listitem>
+ Copy <emphasis>portal-identity-lib.jar</emphasis> and <emphasis>portal-identity-sso-lib.jar</emphasis> files from
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
+ <emphasis>$JBOSS_HOME/server/default/deploy/josso.ear/josso.war/WEB-INF/lib</emphasis>.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
+ by uncommenting following lines:
+ <programlisting>
+ <![CDATA[
+<Valve className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/>
+ ]]>
</programlisting>
</listitem>
<listitem>
- Copy portal-identity-lib.jar and portal-identity-sso-lib.jar files from
- <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
- <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib</emphasis>.
+ Edit <emphasis>$JBOSS_HOME/server/default/config/josso-agent-config.xml</emphasis> and mapping for portal web application:
+ <programlisting>
+ <![CDATA[
+<partner-apps>
+
+ ...
+
+ <partner-app>
+ <context>/portal</context>
+ </partner-app>
+
+ ...
+
+ </partner-apps>
+ ]]>
+ </programlisting>
+ Complete config file can look as follows:
+ <programlisting>
+ <![CDATA[
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<agent>
+ <class>org.josso.jb4.agent.JBossCatalinaSSOAgent</class>
+ <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
+ <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
+ <service-locator>
+ <class>org.josso.gateway.WebserviceGatewayServiceLocator</class>
+ <endpoint>localhost:8080</endpoint>
+ </service-locator>
+ <partner-apps>
+ <partner-app>
+ <context>/partnerapp</context>
+ </partner-app>
+ <partner-app>
+ <context>/portal</context>
+ </partner-app>
+ </partner-apps>
+</agent>
+ ]]>
+ </programlisting>
</listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/login.jsp</emphasis> and
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/erros.jsp</emphasis> and uncomment following line:
+ <programlisting>
+ <![CDATA[
+<%
+ response.sendRedirect(request.getContextPath() + "/josso_login/");
+%>
+ ]]>
+ </programlisting>
+ (make sure to remove java style comment '/* */' - not the xml one).
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
+ <programlisting>
+ <![CDATA[
+<mbean
+ code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl"
+ name="portal:service=Module,type=JOSSOIdentityService"
+ xmbean-dd=""
+ xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+ <xmbean/>
+ <depends>portal:service=Module,type=IdentityServiceController</depends>
+</mbean>
+ ]]>
+ </programlisting>
+ This will expose special service in JBoss Portal that can be leveraged by JOSSO Credential and Identity Stores if the server is deployed on the same
+ application server instance.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/josso.ear/josso.war/WEB-INF/classes/josso-gateway-config.xml</emphasis> and configure following elements:
+ <itemizedlist>
+ <listitem>
+ <emphasis>Credential Store: </emphasis>
+ <programlisting>
+ <![CDATA[
+<authentication-scheme>
+ <name>basic-authentication</name>
+
+ ...
+
+ <credential-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </credential-store>
+
+ ...
+
+</authentication-scheme>
+ ]]>
+ </programlisting>
+ </listitem>
+ <listitem>
+ <emphasis>SSO Identity Store: </emphasis>
+ <programlisting>
+ <![CDATA[
+<sso-identity-manager>
+
+ ...
+
+ <sso-identity-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </sso-identity-store>
+
+ ...
+
+</sso-identity-manager>
+ ]]>
+ </programlisting>
+ </listitem>
+ </itemizedlist>
+ </listitem>
</orderedlist>
</para>
<para>
@@ -267,7 +422,7 @@
<itemizedlist>
<listitem>Go to your portal. Typically, http://localhost:8080/portal</listitem>
<listitem>Click on the "Login" link on the main portal page</listitem>
- <listitem>This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen</listitem>
+ <listitem>This should bring up the JOSSO login screen instead of the default JBoss Portal login screen</listitem>
<listitem>Input your portal username and password. For built-in portal login try user:user or admin:admin</listitem>
<listitem>If login is successfull, you should be redirected back to the portal with the appropriate user logged in</listitem>
</itemizedlist>
18 years, 8 months
JBoss Portal SVN: r8155 - docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules.
by portal-commits@lists.jboss.org
Author: bdaw
Date: 2007-09-04 17:51:32 -0400 (Tue, 04 Sep 2007)
New Revision: 8155
Modified:
docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml
Log:
JOSSO integration doc
Modified: docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml
===================================================================
--- docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml 2007-09-04 19:20:16 UTC (rev 8154)
+++ docs/branches/JBoss_Portal_Branch_2_6/referenceGuide/en/modules/sso.xml 2007-09-04 21:51:32 UTC (rev 8155)
@@ -89,16 +89,16 @@
</security-role>]]>
</programlisting>
<para>This will secure <emphasis>jmx-console</emphasis> web application using BASIC browser authentication and restrict access for
- users with <emphasis>Admin</emphasis> role only.</para>
+ users with <emphasis>Admin</emphasis> role only.</para>
</listitem>
<listitem>
<para>
Edit <emphasis>$JBOSS_HOME/server/default/conf/props/jmx-console-roles.properties</emphasis> file and make it contain:
</para>
- <programlisting>
- <![CDATA[
+ <programlisting>
+ <![CDATA[
admin=JBossAdmin,HttpInvoker,Admin]]>
- </programlisting>
+ </programlisting>
<para>
This file is a simple identity store for this web application authentication. It will make user <emphasis>admin</emphasis> belongs to <emphasis>Admin</emphasis> role.
</para>
@@ -130,7 +130,7 @@
Edit <emphasis>$JBOSS_HOME/server/default/deploy/jbossweb-tomcat55.sar/server.xml</emphasis> file and uncomment
following line:
<programlisting>
- <![CDATA[
+ <![CDATA[
<Valve className=’org.apache.catalina.authenticator.SingleSignOn’/>]]>
</programlisting>
</para>
@@ -144,14 +144,14 @@
be asked for credentials when accessing <emphasis>jmx-console</emphasis>. This should work in both directions.
</para>
<note>Please note that in this example <emphasis>jmx-console</emphasis> uses <emphasis>BASIC</emphasis> authentication method.
- This means that user credentials are cached on the client side by browser and passed on each request. Once authenticated to clear
- authentication cache you may need to restart browser.</note>
+ This means that user credentials are cached on the client side by browser and passed on each request. Once authenticated to clear
+ authentication cache you may need to restart browser.</note>
</sect2>
</sect1>
<sect1>
- <title>CAS - Central Authentication Service</title>
- <para>This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework.
- Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink></para>
+ <title>CAS - Central Authentication Service</title>
+ <para>This Single Sign On plugin enables seamless integration between JBoss Portal and the CAS Single Sign On Framework.
+ Details about CAS can be found <ulink url="http://www.ja-sig.org/products/cas/">here</ulink></para>
<sect2>
<title>Integration steps</title>
<note>The steps below assume that CAS server and JBoss Portal will be deployed on the same JBoss Application Server instance.
@@ -159,15 +159,20 @@
sligtly different for other deployment scenarios. Both JBoss Portal and CAS will need to be configured to authenticate against
same database or LDAP server. Please see CAS documentation to learn how to setup it up against proper identity store.</note>
<note>Configuration below assumes that JBoss Application Server is HTTPS enabled and operates on standard ports: 80 (for HTTP) and 443 (for HTTPS).</note>
- <para>
- <orderedlist>
- <listitem>
- Install CAS server (v 3.0.7). This should be as simple as deploying single <emphasis>cas.war</emphasis> file.
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
- by uncommenting following lines:
- <programlisting>
+
+ <orderedlist>
+ <listitem>
+ Install CAS server (v 3.0.7). This should be as simple as deploying single <emphasis>cas.war</emphasis> file.
+ </listitem>
+ <listitem>
+ Copy <emphasis>portal-identity-lib.jar</emphasis> and <emphasis>portal-identity-sso-lib.jar</emphasis> files from
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
+ <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib</emphasis>.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
+ by uncommenting following lines:
+ <programlisting>
<![CDATA[
<Valve className="org.jboss.portal.identity.sso.cas.CASAuthenticationValve"
casLogin="https://localhost/cas/login"
@@ -176,31 +181,31 @@
authType="FORM"
/>
]]>
- </programlisting>
- Update valve options as follow:
- <itemizedlist>
- <listitem>
- <emphasis>casLogin: </emphasis> URL of your CAS Authentication Server
- </listitem>
- <listitem>
- <emphasis>casValidate: </emphasis> URL of your CAS Authentication Server validation service
- </listitem>
- <listitem>
- <emphasis>casServerName:</emphasis> the hostname:port combination of your CAS Authentication Server
- </listitem>
- </itemizedlist>
- <note>CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here</note>
- </listitem>
- <listitem>
- Copy <emphasis>casclient.jar</emphasis> into <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis>.
- You can download this file from CAS homepage or from JBoss repository under <emphasis>http://repository.jboss.com/cas/3.0.7/lib/</emphasis>
- <note>The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production
- level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue,
- you can use <emphasis>casclient-lenient.jar</emphasis> instead.</note>
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
- <programlisting>
+ </programlisting>
+ Update valve options as follow:
+ <itemizedlist>
+ <listitem>
+ <emphasis>casLogin: </emphasis> URL of your CAS Authentication Server
+ </listitem>
+ <listitem>
+ <emphasis>casValidate: </emphasis> URL of your CAS Authentication Server validation service
+ </listitem>
+ <listitem>
+ <emphasis>casServerName:</emphasis> the hostname:port combination of your CAS Authentication Server
+ </listitem>
+ </itemizedlist>
+ <note>CAS client requires to use SSL connection. To learn how to setup JBoss Application Server to use HTTPS see here</note>
+ </listitem>
+ <listitem>
+ Copy <emphasis>casclient.jar</emphasis> into <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis>.
+ You can download this file from CAS homepage or from JBoss repository under <emphasis>http://repository.jboss.com/cas/3.0.7/lib/</emphasis>
+ <note>The CAS engine does not accept self-signed SSL certificates. This requirement is fine for production use where a production
+ level SSL certificate is available. However, for testing purposes, this can get a little annoying. Hence, if you are having this issue,
+ you can use <emphasis>casclient-lenient.jar</emphasis> instead.</note>
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
+ <programlisting>
<![CDATA[
<mbean
code="org.jboss.portal.identity.sso.cas.CASAuthenticationService"
@@ -212,22 +217,22 @@
<attribute name="HavingRole"></attribute>
</mbean>
]]>
- </programlisting>
- This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same
- application server instance. This AuthenticationHandler will be enabled in next 2 steps.
- </listitem>
- <listitem>
- Edit <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml</emphasis> and add following line in the
- <emphasis>authenticationHandlers</emphasis> section:
- <programlisting>
+ </programlisting>
+ This will expose special service in JBoss Portal that can be leveraged by CAS AuthenticationHandler if the server is deployed on the same
+ application server instance. This AuthenticationHandler will be enabled in next 2 steps.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/deployerConfigContext.xml</emphasis> and add following line in the
+ <emphasis>authenticationHandlers</emphasis> section:
+ <programlisting>
<![CDATA[
<bean class="org.jboss.portal.identity.sso.cas.CASAuthenticationHandler" />
]]>
- </programlisting>
- This can replace default <emphasis>SimpleTestUsernamePasswordAuthenticationHandler</emphasis> so whole part of this config file can look
- as follows:
+ </programlisting>
+ This can replace default <emphasis>SimpleTestUsernamePasswordAuthenticationHandler</emphasis> so whole part of this config file can look
+ as follows:
- <programlisting>
+ <programlisting>
<![CDATA[
<property name="authenticationHandlers">
<list>
@@ -253,13 +258,163 @@
</list>
</property>
]]>
+ </programlisting>
+ </listitem>
+ </orderedlist>
+ <para>
+ To test the integration:
+ <itemizedlist>
+ <listitem>Go to your portal. Typically, http://localhost:8080/portal</listitem>
+ <listitem>Click on the "Login" link on the main portal page</listitem>
+ <listitem>This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen</listitem>
+ <listitem>Input your portal username and password. For built-in portal login try user:user or admin:admin</listitem>
+ <listitem>If login is successfull, you should be redirected back to the portal with the appropriate user logged in</listitem>
+ </itemizedlist>
+ </para>
+ </sect2>
+ </sect1>
+ <sect1>
+ <title>JOSSO - Java Open Single SignOn</title>
+ <para>JBoss Portal enables seamless integration with JOSSO server. More details on JOSSO can be found
+ <ulink url="http://www.josso.org/">here</ulink></para>
+ <note>The steps below assume that JOSS server and JBoss Portal will be deployed on the same JBoss Application Server instance.
+ JOSSO will be configured to leverage identity services exposed by JBoss Portal to perform authentication. Procedure may be
+ sligtly different for other deployment scenarios. Both JBoss Portal and JOSSO will need to be configured to authenticate against
+ same database or LDAP server. Please see JOSSO documentation to learn how to setup it up against proper identity store.</note>
+ <note>Configuration below assumes that JOSSO is already installed and deployed in the JBoss Application Server. This involves adding proper jar files
+ into the classpath and altering several configuration files (adding tomcat valves, security realm and specific JOSSO configuration files).
+ For JBoss setup please refer to JOSSO <ulink url="http://www.josso.org/jboss4-howto.html">documentation</ulink></note>
+ <sect2>
+ <title>Integration steps</title>
+
+ <para>
+ <orderedlist>
+ <listitem>
+ Copy <emphasis>portal-identity-lib.jar</emphasis> and <emphasis>portal-identity-sso-lib.jar</emphasis> files from
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
+ <emphasis>$JBOSS_HOME/server/default/deploy/josso.ear/josso.war/WEB-INF/lib</emphasis>.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/WEB-INF/context.xml</emphasis> file and enable proper tomcat valve
+ by uncommenting following lines:
+ <programlisting>
+ <![CDATA[
+<Valve className="org.jboss.portal.identity.sso.josso.JOSSOLogoutValve"/>
+ ]]>
</programlisting>
</listitem>
<listitem>
- Copy portal-identity-lib.jar and portal-identity-sso-lib.jar files from
- <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/lib</emphasis> to
- <emphasis>$JBOSS_HOME/server/default/deploy/cas.war/WEB-INF/lib</emphasis>.
+ Edit <emphasis>$JBOSS_HOME/server/default/config/josso-agent-config.xml</emphasis> and mapping for portal web application:
+ <programlisting>
+ <![CDATA[
+<partner-apps>
+
+ ...
+
+ <partner-app>
+ <context>/portal</context>
+ </partner-app>
+
+ ...
+
+ </partner-apps>
+ ]]>
+ </programlisting>
+ Complete config file can look as follows:
+ <programlisting>
+ <![CDATA[
+<?xml version="1.0" encoding="ISO-8859-1" ?>
+<agent>
+ <class>org.josso.jb4.agent.JBossCatalinaSSOAgent</class>
+ <gatewayLoginUrl>http://localhost:8080/josso/signon/login.do</gatewayLoginUrl>
+ <gatewayLogoutUrl>http://localhost:8080/josso/signon/logout.do</gatewayLogoutUrl>
+ <service-locator>
+ <class>org.josso.gateway.WebserviceGatewayServiceLocator</class>
+ <endpoint>localhost:8080</endpoint>
+ </service-locator>
+ <partner-apps>
+ <partner-app>
+ <context>/partnerapp</context>
+ </partner-app>
+ <partner-app>
+ <context>/portal</context>
+ </partner-app>
+ </partner-apps>
+</agent>
+ ]]>
+ </programlisting>
</listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/login.jsp</emphasis> and
+ <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/portal-server.war/erros.jsp</emphasis> and uncomment following line:
+ <programlisting>
+ <![CDATA[
+<%
+ response.sendRedirect(request.getContextPath() + "/josso_login/");
+%>
+ ]]>
+ </programlisting>
+ (make sure to remove java style comment '/* */' - not the xml one).
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/jboss-portal.sar/META-INF/jboss-service.xml</emphasis> file and uncomment following lines:
+ <programlisting>
+ <![CDATA[
+<mbean
+ code="org.jboss.portal.identity.sso.josso.JOSSOIdentityServiceImpl"
+ name="portal:service=Module,type=JOSSOIdentityService"
+ xmbean-dd=""
+ xmbean-code="org.jboss.portal.jems.as.system.JBossServiceModelMBean">
+ <xmbean/>
+ <depends>portal:service=Module,type=IdentityServiceController</depends>
+</mbean>
+ ]]>
+ </programlisting>
+ This will expose special service in JBoss Portal that can be leveraged by JOSSO Credential and Identity Stores if the server is deployed on the same
+ application server instance.
+ </listitem>
+ <listitem>
+ Edit <emphasis>$JBOSS_HOME/server/default/deploy/josso.ear/josso.war/WEB-INF/classes/josso-gateway-config.xml</emphasis> and configure following elements:
+ <itemizedlist>
+ <listitem>
+ <emphasis>Credential Store: </emphasis>
+ <programlisting>
+ <![CDATA[
+<authentication-scheme>
+ <name>basic-authentication</name>
+
+ ...
+
+ <credential-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </credential-store>
+
+ ...
+
+</authentication-scheme>
+ ]]>
+ </programlisting>
+ </listitem>
+ <listitem>
+ <emphasis>SSO Identity Store: </emphasis>
+ <programlisting>
+ <![CDATA[
+<sso-identity-manager>
+
+ ...
+
+ <sso-identity-store>
+ <class>org.jboss.portal.identity.sso.josso.JOSSOIdentityStore</class>
+ </sso-identity-store>
+
+ ...
+
+</sso-identity-manager>
+ ]]>
+ </programlisting>
+ </listitem>
+ </itemizedlist>
+ </listitem>
</orderedlist>
</para>
<para>
@@ -267,7 +422,7 @@
<itemizedlist>
<listitem>Go to your portal. Typically, http://localhost:8080/portal</listitem>
<listitem>Click on the "Login" link on the main portal page</listitem>
- <listitem>This should bring up the CAS Authentication Server's login screen instead of the default JBoss Portal login screen</listitem>
+ <listitem>This should bring up the JOSSO login screen instead of the default JBoss Portal login screen</listitem>
<listitem>Input your portal username and password. For built-in portal login try user:user or admin:admin</listitem>
<listitem>If login is successfull, you should be redirected back to the portal with the appropriate user logged in</listitem>
</itemizedlist>
18 years, 8 months