Hi Shi, Just wondering if your code handles Single Sign Out. We have been integrating CAS with the latest code from head... if you use the CAS Java client (include it in the web.xml of apps you want to lock down) then you can work with the existing framework to log users in see... https://issues.apache.org/jira/browse/OFBIZ-1906. CAS will destroy the session and that is being caught by Ofbiz but there is a small bug that we are fixing to allow automatic logout.
If we can get support from a commiter I would be happy to help get CAS fully functional in Ofbiz 5... it doesn't look like a lot of work. QUESTION: In the default install of Tomcat one has a /config/web.xml file that sets stuff up for all applications in the server... does a similar web.xml exist in the embedded Tomcat that comes with Ofbiz? Guy On Mon, Aug 25, 2008 at 5:49 PM, Shi Yusen (JIRA) <[EMAIL PROTECTED]> wrote: > > [ > https://issues.apache.org/jira/browse/OFBIZ-1689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12625267#action_12625267 > ] > > Shi Yusen commented on OFBIZ-1689: > ---------------------------------- > > OFBiz-LDAP component supports the following scenes: OFBiz-OpenLDAP, > OFBiz-ActiveDirectory, OFBiz-CAS-OpenLDAP and OFBiz-CAS-ActiveDirectory. It's > also possible to extend it to support other SSO products such as TAM. > > The license of this component is LGPL. > > The latest version of this component is tested in Fedora Core 9, Sun JDK 1.6, > OFBiz 4.0, OpenLDAP 2.4.8, CAS 3.2.1.1. > > You can get the source code from: > > SVN: > > http://www.langhua.cn/langhua/ofbiz-components/OFBiz-LDAP/ > > Username: anon > > Password: anon > > > > ViewVC: > > http://www.langhua.cn/viewvc/ofbiz-components/OFBiz-LDAP/ > > > > You can download CAS 3.2.1.1 from http://www.ja-sig.org/products/cas/ > > > > User guide: > > 1. > > Use Eclipse SVN plugin download OFBiz-LDAP component from > http://www.langhua.cn/langhua/ofbiz-components/OFBiz-LDAP/branch/ofbiz4.0-cas3.2.1.1-openldap2.4.8/ > as a new Java project. > 2. Edit build.xml of the new project, change ofbiz.home property to the > path where your OFBiz is. > 3. > > Run ofbiz.copy of build.xml, OFBiz-LDAP component will be deployed to > {ofbiz.home}/specialpurpose/ldap/. > 4. Edit {ofbiz.home}/specialpurpose/build.xml, add ldap/build.xml: > > <filelist id="application-builds" dir="." files="pos/build.xml, > hhfacility/build.xml, assetmaint/build.xml, ldap/build.xml"/> > > 5. > > Edit {ofbiz.home}/specialpurpose/component-load.xml, add > > <load-component component-location="${ofbiz.home}/specialpurpose/ldap"/> > 6. > > If nessecery, change getPartyId and getSecurityGroup in > /cn/langhua/ofbiz/ldap/commons/A_OFBizAuthenticationHandler.java. > 7. > > Run build of {ofbiz.home}/build.xml. > 8. If CAS is deployed in tomcat in the same computer with OFBiz, change > tomcat's ssl port to another value such as 8444 and restart tomcat. > 9. Edit the configurations in > {ofbiz.home}/specialpurpose/ldap/config/ldap.xml. > 10. > > Change checkLogin, login and logout in every WEB-INF/controller.xml: > > <!-- Security Mappings --> > > <request-map uri="checkLogin" edit="false"> > > <description>Verify a user is logged in.</description> > > <security https="true" auth="false"/> > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > invoke="checkLogin" /> > > <response name="success" type="view" value="main" /> > > <response name="error" type="view" value="login" /> > > </request-map> > > > <request-map uri="login"> > > <security https="true" auth="false"/> > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > invoke="login"/> > > <response name="success" type="view" value="main"/> > > <response name="error" type="view" value="login"/> > > </request-map> > > > <request-map uri="logout"> > > <security https="true" auth="true"/> > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > invoke="logout"/> > > <response name="success" type="request" value="checkLogin"/> > > <response name="error" type="view" value="main"/> > > </request-map> > > <!-- End of Security Mappings --> > > > 11. Run OFBiz. Try to login OFBiz, you'll be redirect to CAS login page. > Input a correct username and password, you'll be able to login OFBiz. > 12. Click Logout in OFBiz, you'll be redirect to CAS logout page. > > > To BJ Freeman: > I think it should work for trunk though I haven't test it, last time I > downloaded the trunk, unfortunately I couldn't make it run. I'll try to test > it in trunk again. > > To Jacques Le Roux: > I do like to contribute the source code to OFBiz. The OFBiz-LDAP component > includes a jar from ja-sig CAS, I'm not sure whether its license is > acceptable for Apache. Here's the license of CAS: > http://www.ja-sig.org/products/cas/overview/license/index.html > >> CASifying OFBiz >> --------------- >> >> Key: OFBIZ-1689 >> URL: https://issues.apache.org/jira/browse/OFBIZ-1689 >> Project: OFBiz >> Issue Type: New Feature >> Components: ALL COMPONENTS >> Affects Versions: Release Branch 4.0 >> Reporter: Shi Yusen >> Assignee: Jacques Le Roux >> Priority: Trivial >> Fix For: Release Branch 4.0 >> >> Original Estimate: 336h >> Remaining Estimate: 336h >> >> I'll start my work on CASifying OFBiz, the method will be similar to this >> one: >> http://www.ja-sig.org/wiki/display/CASC/CASifying+OpenCms >> Please keep this issue open, I'll post my code to this issue when it's done. >> I'm eager to hear your suggestions on this topic. >> TIA >> Shi Yusen/Beijing Langhua Ltd. > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > > -- Guy Gershoni Conchus Email: [EMAIL PROTECTED] Web: www.conchus.com
