Hi everybody,

I need your help!

I'm trying to integrate OpenKM, a JBoss-based application, behind a 
reverse proxy managing SSO forwarding (i.e. it authenticates users once 
and propagates the authentication to the secured applications). 

Here are some indications:

   The OpenKM login form is composed of two fields:
     - one for username, j_username
     - one for password, j_password
     (- and one submit button with "Login" as default value)
   The OpenKM login form action is /OpenKM/j_security_check

Of course, direct login (i.e. without passing through reverse-proxy) works fine.

Suppose I'm a trusted user (X.509 certificate check validated) who is 
trying to connect to https://openkm.mycompany.com. The reverse proxy authenticates 
me and then sends my login/password itself to the protected OpenKM back-end 
server, for example: john/doo. 
This last operation consists of sending a POST request from the reverse proxy to 
/OpenKM/j_security_check with j_username=john&j_password=doo&submit=Login

Unfortunately, the reverse proxy receives the following error:
HTTP Status 400 - Invalid direct reference to form login page

Then the reverse proxy is redirected to the authentication page. However, 
authentication has succeeded, since if I reload the authentication page (the 
one to which I've been redirected) I'm redirected to the OpenKM user interface and 
OpenKM finally works fine. (I hope I'm clear...)

I assure you I've got other secured applications behind the reverse proxy which 
work fine.

So my questions are:
- How can I disable this behavior? Is it possible to fix my problem? 
- If yes, which files do I have to edit? With what parameters? (...)

I thank you in advance for your help.

Regards,

John.

View the original post : 
http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4224412#4224412

_______________________________________________
jboss-user mailing list
jboss-user@lists.jboss.org
https://lists.jboss.org/mailman/listinfo/jboss-user