On Oct 5, 2008, at 10:31 PM, pradeep reddy wrote:
I want to use the SSO feature of jetspeed 2 for the applications
running on different servers.Right now the idea is, we want to open
the applications in different browser windows, not in a portlet , So
we want to pass the authentication details from portal to the
application which is using form based authentication. when a user
logs into the portal, in his default page we just provide the links
to the other apps for which he is authorized to access.when the user
clicks the links, application opens in a new browser window,with the
user logged in that application. Otherwise If the user access the
site directly, it asks for the credentials. It might be the basic
and came for discussion before, But it is not documented well .If
some one provide me the solution or point me to previous
discussions, that would be great. I need what kind of configurations
that suppose to be done on the application side as well. Thanks in
advance,Pradeep.
You can look at the demo of SSO portlets with the jetspeed 2.1.3 demo
installer to get an idea of how to use SSO IFrame and SSO Web Content
Portlets as gateways to your apps
Here is what is available from these portlets:
SSO Web Content Help
Basic authentication
is the default and can be supported effectively without even setting
sso.type Just by providing credentials for the domain. The credentials
will not be sent preemptively, but if a 401 request is returned for
Basic authentication, it will be handled properly. Tis is equivalent
to setting sso.type=basic (or sso.type=html (old - now deprecated in
favor of calling it basic). if you set sso.type=basic.preemptive, it
will send the credentials preemptively.
URL authentication
(query args) is supported as sso.type=url or sso.type=url.base64. By
definition, this type of authentication is preemptive, so no
distinction is made there.
Form-authentication
is supported with sso.type=form (which is equivalent to
sso.type=form.post - you can also specify sso.type=form.get, if GET
protocol is used on the login form). This form also requires a bunch
of other data ( e.g. the action URL, other args, names of the fields
for credentials, etc.). All of this is in an example that is in the
demo portlet.xml. Form-based authentication is also considred
"preemptive", in that it authenticates before any other content is
read. However, it only does it once. If it succeeds, all should be
well. If it fails, the user will have to login by hand (since the
initial content URL will cause a redirect to the login page).
SSO IFrame Help
The following preferences can be used with the SSO IFrame Portlet in
addition to the standard IFrame preferences
Preference Usage
sso.type The type of Single signon authentication. Valid values:
form | basic | basic.preemptive | url | url.base64
sso.url.Credential The name of the credential input field or parameter
sso.url.Principal The name of the user name input field or parameter
SSO Principal The actual user name
SSO Credential The actual crendential value
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
