Well, here's the rub. I believe the SSOReverseProxyIFramePortlet is new in 2.2.1, which is where I was when I first posted, however, I found that my configuration kept getting scrambled, so I reverted to 2.2.0 I will try your suggestion on 2.2.1, but I will have to address the scrambling issue. What is happening is this. I have cloned the IFramePortlet several times and configured each for different static content being served from apache2. I have avoided setting any user preferences, and, instead, set the preferences for each clone in the PAM portlet. Everything worked fine. Then after a few hours, the IFramePortlet content was all mixed up. For instance, the portlet on page 1 would be showing the content I had configured for the portlet on page 2 and so on. I went into PAM and corrected the preferences to what they should be and assumed I was ok, but the next morning things were scrambled again. I did some queries in the derby db and it appears they are wrong there. I don't know if this is a portlet id issue or an indexing problem or what, but I need a resolution before I can proceed to 2.2.1 Of course, I have the exact same configuration in 2.2.0 and am having no problem there, but I also have no SSOReverseProxyIFrame there. Any ideas?
From: David Sean Taylor <[email protected]> To: Jetspeed Users List <[email protected]> Date: 08/17/2010 07:19 PM Subject: Re: SSO IFrame form authentication On Tue, Aug 17, 2010 at 1:40 PM, <[email protected]> wrote: > How did your testing go? I compared SSO Webcontent (which works, sort of) > to SSO IFrame classes and I see a method for preemptive login in the > webcontent class but no reference at all in the SSO IFrame class. Does > this just mean it is being done differently, or is something amiss in the > SSO IFrame class? There are two SSOIFrame classes: 1. SSOIFramePortlet 2. SSOReverseProxyIFramePortlet Suggest using the second one, SSOReverseProxyIFramePortlet as it gives you features not available in the older SSOIFramePortlet such as auto-resizing and form-based authentication (what you are after) I tested with SSOReverseProxyIFramePortlet and it worked in the example that comes with Jetspeed, but it takes a little bit of configuration. First, ensure your Tomcat will need this attribute set in the <Connector> element of server.xml: emptySessionPath="true" more detail here: http://portals.apache.org/applications/webcontent/index.html If you had to change server.xml setting, then restart your server I took these steps to verify SSO with the example form-based login that comes with Jetspeed: 1. login as admin 2. navigate to the Jetspeed Administration space, SSO Management page, or just go here: http://localhost:8080/jetspeed/ui/Administrative/sso-admin.psml Add a new Site with following parameters: Site Name: Form Example Site URL: http://localhost:8080/j2-admin/examples/formauth.jsp Field name for User ID: user Field name For Password value: pass Press Save Add a new credential for this site in the portlet on the right side (SSO Details): Portal Principal: admin Remote Principal: admin Remote Credential: admin Press Add You can verify that the remote credential was added for the admin user by going here: http://localhost:8080/jetspeed/ui/my-account.psml see the portlet on the right "SSO Change Passwords", a remote site entry should be there named "Form Example" Next, you can use the Toolbox to find the Reverse Proxy Iframe Portlet by searching on "iframe" and then selecting it from there and adding to a page. To make things simple, I just added a page and then added the Reverse Proxy Iframe Portlet there. At first this portlet seems to want to use Basic Authentication, so just hit cancel when challenged. I then switched to edit mode (pencil icon), and entered the following preferences: TITLE: My SSO Test SRC: http://localhost:${serverPort}${contextPath}/examples/formauth.jsp Press Save You should see in your portlet content something like: "Hello, admin. You have been authorized by form-based authentication !!!" Give that a try and see if it works. Then, move on to your specific IFrame source and let us know how it goes... --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean (mailgw2:E659D1E6FC.D1395). This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS ยง 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.
