[jboss-user] [JBoss Portal] - JOSSO1.7 and JBoss Portal 2.6.4 - Authorization

CarstenRudat do-not-reply at jboss.com
Wed Mar 26 05:08:29 EDT 2008

Hi all,

I tried to integrate JOSSO to JBoss Portal 2.6.4 (ha deployment on JBoss 4.2.2.GA all-config). I followed first the instructions at josso.org (http://josso.org/confluence/display/JOSSO1/JBoss+4.2.html) and after that, I changed the integration like I'm supposed to do it from chapter 20.4. (JOSSO - Java Open Single SignOn) of the reference docs.

I have to mention, that I still have a "sso-session-manager", a "sso-session-store", "sso-session-id-generator", "sso-audit-manager" and a "sso-event-manager" in my josso-gateway-config.xml (as described at josso.org). Additionally, I have two valves in tomcat's server.xml, one for JBoss Portal SSO and one for JOSSO.

Now, after that, I can logon through JOSSO (the redirect in logon.jsp points me to a JOSSO logon form) and after typeing user : user, I'm logged on as "user" ("User portlet" and "Current users"-portlet says so, too). But I don't have access to those portlets that are configured to used by users with the role "User" (same as if I log on as admin:admin, then I have no admin area). So, it seams that the JAAS-Subject has no roles added.

Do I have to configure something else to have authorization with JOSSO, or does this not work at all? Or do I have to remove the stuff from josso-gateway-config.xml?

Thanks for help!

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4138891#4138891

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4138891

More information about the jboss-user mailing list