Hi Guy, I just downloaded the svn trunk and found it's greately improved in the login part.
Yes, I use CAS single sign out by simplely redirecting OFBiz logout to CAS logout. Here is the code: http://www.langhua.cn/viewvc/ofbiz-components/OFBiz-LDAP/trunk/src/cn/langhua/ofbiz/ldap/cas/OFBizCasAuthenticationHandler.java?view=markup And thanks for your tip. I'll try your implement later. Regards, Shi Yusen/Beijing Langhua Ltd. 在 2008-08-26二的 11:28 +1000,Guy Gershoni写道: > Hi Shi, > > Just wondering if your code handles Single Sign Out. We have been > integrating CAS with the latest code from head... if you use the CAS > Java client (include it in the web.xml of apps you want to lock down) > then you can work with the existing framework to log users in see... > https://issues.apache.org/jira/browse/OFBIZ-1906. CAS will destroy > the session and that is being caught by Ofbiz but there is a small bug > that we are fixing to allow automatic logout. > > If we can get support from a commiter I would be happy to help get CAS > fully functional in Ofbiz 5... it doesn't look like a lot of work. > > QUESTION: In the default install of Tomcat one has a /config/web.xml > file that sets stuff up for all applications in the server... does a > similar web.xml exist in the embedded Tomcat that comes with Ofbiz? > > Guy > > On Mon, Aug 25, 2008 at 5:49 PM, Shi Yusen (JIRA) <[EMAIL PROTECTED]> wrote: > > > > [ > > https://issues.apache.org/jira/browse/OFBIZ-1689?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12625267#action_12625267 > > ] > > > > Shi Yusen commented on OFBIZ-1689: > > ---------------------------------- > > > > OFBiz-LDAP component supports the following scenes: OFBiz-OpenLDAP, > > OFBiz-ActiveDirectory, OFBiz-CAS-OpenLDAP and OFBiz-CAS-ActiveDirectory. > > It's also possible to extend it to support other SSO products such as TAM. > > > > The license of this component is LGPL. > > > > The latest version of this component is tested in Fedora Core 9, Sun JDK > > 1.6, OFBiz 4.0, OpenLDAP 2.4.8, CAS 3.2.1.1. > > > > You can get the source code from: > > > > SVN: > > > > http://www.langhua.cn/langhua/ofbiz-components/OFBiz-LDAP/ > > > > Username: anon > > > > Password: anon > > > > > > > > ViewVC: > > > > http://www.langhua.cn/viewvc/ofbiz-components/OFBiz-LDAP/ > > > > > > > > You can download CAS 3.2.1.1 from http://www.ja-sig.org/products/cas/ > > > > > > > > User guide: > > > > 1. > > > > Use Eclipse SVN plugin download OFBiz-LDAP component from > > http://www.langhua.cn/langhua/ofbiz-components/OFBiz-LDAP/branch/ofbiz4.0-cas3.2.1.1-openldap2.4.8/ > > as a new Java project. > > 2. Edit build.xml of the new project, change ofbiz.home property to the > > path where your OFBiz is. > > 3. > > > > Run ofbiz.copy of build.xml, OFBiz-LDAP component will be deployed to > > {ofbiz.home}/specialpurpose/ldap/. > > 4. Edit {ofbiz.home}/specialpurpose/build.xml, add ldap/build.xml: > > > > <filelist id="application-builds" dir="." files="pos/build.xml, > > hhfacility/build.xml, assetmaint/build.xml, ldap/build.xml"/> > > > > 5. > > > > Edit {ofbiz.home}/specialpurpose/component-load.xml, add > > > > <load-component > > component-location="${ofbiz.home}/specialpurpose/ldap"/> > > 6. > > > > If nessecery, change getPartyId and getSecurityGroup in > > /cn/langhua/ofbiz/ldap/commons/A_OFBizAuthenticationHandler.java. > > 7. > > > > Run build of {ofbiz.home}/build.xml. > > 8. If CAS is deployed in tomcat in the same computer with OFBiz, change > > tomcat's ssl port to another value such as 8444 and restart tomcat. > > 9. Edit the configurations in > > {ofbiz.home}/specialpurpose/ldap/config/ldap.xml. > > 10. > > > > Change checkLogin, login and logout in every WEB-INF/controller.xml: > > > > <!-- Security Mappings --> > > > > <request-map uri="checkLogin" edit="false"> > > > > <description>Verify a user is logged in.</description> > > > > <security https="true" auth="false"/> > > > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > > invoke="checkLogin" /> > > > > <response name="success" type="view" value="main" /> > > > > <response name="error" type="view" value="login" /> > > > > </request-map> > > > > > > <request-map uri="login"> > > > > <security https="true" auth="false"/> > > > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > > invoke="login"/> > > > > <response name="success" type="view" value="main"/> > > > > <response name="error" type="view" value="login"/> > > > > </request-map> > > > > > > <request-map uri="logout"> > > > > <security https="true" auth="true"/> > > > > <event type="java" path="cn.langhua.ofbiz.ldap.LdapLoginWorker" > > invoke="logout"/> > > > > <response name="success" type="request" value="checkLogin"/> > > > > <response name="error" type="view" value="main"/> > > > > </request-map> > > > > <!-- End of Security Mappings --> > > > > > > 11. Run OFBiz. Try to login OFBiz, you'll be redirect to CAS login page. > > Input a correct username and password, you'll be able to login OFBiz. > > 12. Click Logout in OFBiz, you'll be redirect to CAS logout page. > > > > > > To BJ Freeman: > > I think it should work for trunk though I haven't test it, last time I > > downloaded the trunk, unfortunately I couldn't make it run. I'll try to > > test it in trunk again. > > > > To Jacques Le Roux: > > I do like to contribute the source code to OFBiz. The OFBiz-LDAP component > > includes a jar from ja-sig CAS, I'm not sure whether its license is > > acceptable for Apache. Here's the license of CAS: > > http://www.ja-sig.org/products/cas/overview/license/index.html > > > >> CASifying OFBiz > >> --------------- > >> > >> Key: OFBIZ-1689 > >> URL: https://issues.apache.org/jira/browse/OFBIZ-1689 > >> Project: OFBiz > >> Issue Type: New Feature > >> Components: ALL COMPONENTS > >> Affects Versions: Release Branch 4.0 > >> Reporter: Shi Yusen > >> Assignee: Jacques Le Roux > >> Priority: Trivial > >> Fix For: Release Branch 4.0 > >> > >> Original Estimate: 336h > >> Remaining Estimate: 336h > >> > >> I'll start my work on CASifying OFBiz, the method will be similar to this > >> one: > >> http://www.ja-sig.org/wiki/display/CASC/CASifying+OpenCms > >> Please keep this issue open, I'll post my code to this issue when it's > >> done. > >> I'm eager to hear your suggestions on this topic. > >> TIA > >> Shi Yusen/Beijing Langhua Ltd. > > > > -- > > This message is automatically generated by JIRA. > > - > > You can reply to this email to add a comment to the issue online. > > > > > > >