Hi all, I have uploaded a patch to support SSO when OFBiz is clustered. Please see https://issues.apache.org/jira/browse/OFBIZ-10123 for patch and further discussion.
Regards, James Yong On 2017/12/10 15:42:32, "James Yong"<jamesy...@apache.org> wrote: > Hi Taher, all, > > Sorry for the late reply. > I have created a JIRA issue for further discussion and also uploaded a > proof-of-concept. > Please see https://issues.apache.org/jira/projects/OFBIZ/issues/OFBIZ-10047 > > Regards, > James Yong > > On 2017-11-07 03:42, Taher Alkhateeb <slidingfilame...@gmail.com> wrote: > > Perhaps sharing exactly how you'd like to implement this would help. > > > > On Sun, Nov 5, 2017 at 7:12 PM, James Yong <jamesy...@apache.org> wrote: > > > Hi all, > > > > > > I would like to revisit this issue. Specifically on whether implementing > > > Tomcat SSO to avoid using externalLoginKey is a sound approach. Thanks. > > > > > > Regards, > > > James Yong > > > > > > On 2017-05-05 18:02, Taher Alkhateeb <slidingfilame...@gmail.com> wrote: > > >> I've been contemplating this for a while, but it is not an easy task. > > >> Essentially, we need to fully refactor the Catalina Container and do a > > >> lot > > >> of cleanup to reverse the way OFBiz is deployed to be a single web > > >> application, not multiple web applications mapped to a single servlet > > >> container as is the architecture at the moment. > > >> > > >> For this to happen, we need to do many things: > > >> 1- Complete the refactoring of all containers to get the new signature of > > >> OfbizCommand argument list > > >> 2- Redesign the container so that everything is loaded once as a single > > >> webapp through one master servlet. This would have the advantage of being > > >> able to deploy OFBiz as a single WAR archive to be deployed in any > > >> servlet > > >> container > > >> 3- Redesign all components (if needed) to comply with this new > > >> architecture > > >> > > >> This is one of the things I've been dabbling with lately, but it's bigger > > >> than I expected. The code in the catalina container is very spaghetti > > >> like > > >> at the moment. > > >> > > >> So, I would say it's a good idea, but needs lots of cleanup / refactoring > > >> work first if you want to have a good chance of succeeding in > > >> implementation. Without a proper cleanup you might get a bit overwhelmed > > >> in > > >> trying to navigate the code maze :) So good luck. > > >> > > >> On Fri, May 5, 2017 at 12:12 PM, James Yong <jamesy...@apache.org> wrote: > > >> > > >> > Hi all, > > >> > > > >> > I would like to propose using the Single Sign On mechanism in Tomcat. > > >> > Once implemented, there is no necessity for the externalLoginKey, > > >> > or to indicate "intra-app" to target-type attribute. > > >> > > > >> > Any issue before i start working on a POC? > > >> > > > >> > Regards, > > >> > James Yong > > >> > > > >> > > >