Hi, Please see my comments below.
----- Original Message ---- > From: "[email protected]" <[email protected]> > To: Jetspeed Users List <[email protected]> > Sent: Wed, August 18, 2010 11:06:40 AM > Subject: Re: SSO IFrame form authentication > > Are you suggesting that I could deploy the 2.2.1 j2-admin.war and > apa-webcontent.war into my 2.2.0 implementation? Well, I thought it would be just simple to deploy those newer portlet applications. However, I think it could break some other j2-admin portlets due to dependency on new Jetspeed APIs. Basically, the core reverse proxy iframe portlets are provided by apa-webcontent which can be independently deployed to the old Jetspeed portal. The sso reverse proxy iframe portlet in j2-admin just extends the core one form apa-webcontent-jar. So, I can say you can upgrade apa-webcontent-jar dependency in j2-admin and add the new sso reverse proxy iframe portlet in the newer j2-admin portlet. However, of course, this is not in the category of recommended practice. I think we'd better focus on resolving the problem of preference data.. > > Just a followup to the preferences problem. When I deployed 2.2.1, I > copied the psml files from my 2.2.0 implementation to the 2.2.1 > directorys. I had to clone each of the IFrame portlets again in 2.2.1 Hmm. There could be somethings. I think it would be useful to test the problems in 2.2.1 without copying the old files which were created under 2.2.0. By the way, the preference data will be retrieved by the fragment IDs in the psml files. So, when you clone those, you could check if the fragment id is the old one or new generated one. Please have a look into the psml files. If two fragments have the same fragment ID, then they will share the preferences data. Regards, Woonsan > Could this process have confused something in the 2.2.1 implementation. I > will follow your suggestion of deploying with MySQL and see what happens > as well. Thanks. > > > > From: > Woonsan Ko <[email protected]> > To: > Jetspeed Users List <[email protected]> > Date: > 08/18/2010 12:35 PM > Subject: > Re: SSO IFrame form authentication > > > > Hi, > > I haven't heard of that preferences data problem yet in 2.2.1. > IMHO, It could help to localize the problems if you test against other > databases > like PostgreSQL or MySQL. > On the other hand, I think you could deploy newer j2-admin.war and > apa-webcontent.war which were included in 2.2.1. > > -Woonsan > > > ----- Original Message ---- > > From: "[email protected]" <[email protected]> > > To: Jetspeed Users List <[email protected]> > > Sent: Wed, August 18, 2010 6:10:25 AM > > Subject: Re: SSO IFrame form authentication > > > > Well, here's the rub. I believe the SSOReverseProxyIFramePortlet is new > > > in 2.2.1, which is where I was when I first posted, however, I found > that > > my configuration kept getting scrambled, so I reverted to 2.2.0 I will > > try your suggestion on 2.2.1, but I will have to address the scrambling > > issue. What is happening is this. I have cloned the IFramePortlet > > several times and configured each for different static content being > > served from apache2. I have avoided setting any user preferences, and, > > > instead, set the preferences for each clone in the PAM portlet. > Everything > > worked fine. Then after a few hours, the IFramePortlet content was all > > > mixed up. For instance, the portlet on page 1 would be showing the > > content I had configured for the portlet on page 2 and so on. I went > into > > PAM and corrected the preferences to what they should be and assumed I > was > > ok, but the next morning things were scrambled again. I did some > queries > > in the derby db and it appears they are wrong there. I don't know if > this > > is a portlet id issue or an indexing problem or what, but I need a > > resolution before I can proceed to 2.2.1 Of course, I have the exact > same > > configuration in 2.2.0 and am having no problem there, but I also have > no > > SSOReverseProxyIFrame there. Any ideas? > > > > > > > > From: > > David Sean Taylor <[email protected]> > > To: > > Jetspeed Users List <[email protected]> > > Date: > > 08/17/2010 07:19 PM > > Subject: > > Re: SSO IFrame form authentication > > > > > > > > On Tue, Aug 17, 2010 at 1:40 PM, <[email protected]> wrote: > > > How did your testing go? I compared SSO Webcontent (which works, > sort > > of) > > > to SSO IFrame classes and I see a method for preemptive login in the > > > webcontent class but no reference at all in the SSO IFrame class. > Does > > > this just mean it is being done differently, or is something amiss in > > > the > > > SSO IFrame class? > > > > There are two SSOIFrame classes: > > > > 1. SSOIFramePortlet > > 2. SSOReverseProxyIFramePortlet > > > > Suggest using the second one, SSOReverseProxyIFramePortlet as it gives > > you features not available in the older SSOIFramePortlet such as > > auto-resizing and form-based authentication (what you are after) > > > > I tested with SSOReverseProxyIFramePortlet and it worked in the > > example that comes with Jetspeed, but it takes a little bit of > > configuration. > > > > First, ensure your Tomcat will need this attribute set in the > > <Connector> element of server.xml: > > > > emptySessionPath="true" > > > > more detail here: > > > > http://portals.apache.org/applications/webcontent/index.html > > > > If you had to change server.xml setting, then restart your server > > > > I took these steps to verify SSO with the example form-based login > > that comes with Jetspeed: > > > > 1. login as admin > > 2. navigate to the Jetspeed Administration space, SSO Management page, > > or just go here: > > > > http://localhost:8080/jetspeed/ui/Administrative/sso-admin.psml > > > > Add a new Site with following parameters: > > > > Site Name: Form Example > > Site URL: http://localhost:8080/j2-admin/examples/formauth.jsp > > Field name for User ID: user > > Field name For Password value: pass > > > > Press Save > > > > Add a new credential for this site in the portlet on the right side > > (SSO Details): > > > > Portal Principal: admin > > Remote Principal: admin > > Remote Credential: admin > > > > Press Add > > > > You can verify that the remote credential was added for the admin > > user by going here: > > > > http://localhost:8080/jetspeed/ui/my-account.psml > > > > see the portlet on the right "SSO Change Passwords", a remote site > > entry should be there named "Form Example" > > > > Next, you can use the Toolbox to find the Reverse Proxy Iframe Portlet > > by searching on "iframe" and then selecting it from there and adding > > to a page. To make things simple, I just added a page and then added > > the Reverse Proxy Iframe Portlet there. At first this portlet seems to > > want to use Basic Authentication, so just hit cancel when challenged. > > I then switched to edit mode (pencil icon), and entered the following > > preferences: > > > > TITLE: My SSO Test > > SRC: http://localhost:${serverPort}${contextPath}/examples/formauth.jsp > > > > Press Save > > > > You should see in your portlet content something like: > > > > "Hello, admin. You have been authorized by form-based authentication > !!!" > > > > Give that a try and see if it works. Then, move on to your specific > > IFrame source and let us know how it goes... > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > > -- > > This message has been scanned for viruses and > > dangerous content by MailScanner, and is > > believed to be clean (mailgw2:E659D1E6FC.D1395). > > > > > > > > > > This communication and any attachments are confidential, protected by > > Communications Privacy Act 18 USCS § 2510, solely for the use of the > > intended recipient, and may contain legally privileged material. If you > > > are not the intended recipient, please return or destroy it > immediately. > > Thank you. > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean (mailgw2:9902C1E701.B0EA8). > > > > > This communication and any attachments are confidential, protected by > Communications Privacy Act 18 USCS § 2510, solely for the use of the > intended recipient, and may contain legally privileged material. If you > are not the intended recipient, please return or destroy it immediately. > Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
