ok, I was right. SSO Login did not stay working. I have need for these add'l args in the login. ?Action=Login&RequestedURL=&Lang=en&TimeOffset=30 I found that if I append these to the login url in SSO Admin, then try to access the portlet, I get a 404, then if I remove the extra args from SSO Admin and go back to the portlet, I am logged in. Of course, this only works once and then it's broke again. Also, evidently, the sso.form.Args property does not help. Any other ideas?
From: Woonsan Ko <[email protected]> To: Jetspeed Users List <[email protected]> Date: 08/20/2010 11:50 AM Subject: Re: SSO IFrame form authentication I believe the pages can be simply copied because I cannot find anything to watch with psml pages either. By the way, you can copy those pages into any other folder by configuring the path in /jetspeed/WEB-INF/conf/override.properties. For example, # default path to (XML) PSML pages root folder psml.pages.path = ${applicationRoot}/WEB-INF/migrated_pages Regards, Woonsan --- On Fri, 8/20/10, [email protected] <[email protected]> wrote: > From: [email protected] <[email protected]> > Subject: Re: SSO IFrame form authentication > To: "Jetspeed Users List" <[email protected]> > Date: Friday, August 20, 2010, 3:05 PM > I have installed 2.2.1 with MySQL and > I now need to move my pages and > layouts from the 2.2.0 installation. Given that my > previous 2.2.1 > installation on Derby is defunct, is there anything I > should watch out for > this time? Can I simply copy the psml's from the > 2.2.0 directories to the > 2.2.1 directories? I have not seen a > migration guide to address this > need. > > > > From: > Woonsan Ko <[email protected]> > To: > Jetspeed Users List <[email protected]> > Date: > 08/18/2010 12:35 PM > Subject: > Re: SSO IFrame form authentication > > > > Hi, > > I haven't heard of that preferences data problem yet in > 2.2.1. > IMHO, It could help to localize the problems if you test > against other > databases > like PostgreSQL or MySQL. > On the other hand, I think you could deploy newer > j2-admin.war and > apa-webcontent.war which were included in 2.2.1. > > -Woonsan > > > ----- Original Message ---- > > From: "[email protected]" > <[email protected]> > > To: Jetspeed Users List <[email protected]> > > Sent: Wed, August 18, 2010 6:10:25 AM > > Subject: Re: SSO IFrame form authentication > > > > Well, here's the rub. I believe the > SSOReverseProxyIFramePortlet is new > > > in 2.2.1, which is where I was when I first posted, > however, I found > that > > my configuration kept getting scrambled, so I reverted > to 2.2.0 I will > > try your suggestion on 2.2.1, but I will have to > address the scrambling > > issue. What is happening is this. I have > cloned the IFramePortlet > > several times and configured each for different static > content being > > served from apache2. I have avoided setting any > user preferences, and, > > > instead, set the preferences for each clone in the > PAM portlet. > Everything > > worked fine. Then after a few hours, the > IFramePortlet content was all > > > mixed up. For instance, the portlet on > page 1 would be showing the > > content I had configured for the portlet on page > 2 and so on. I went > into > > PAM and corrected the preferences to what they > should be and assumed I > was > > ok, but the next morning things were scrambled > again. I did some > queries > > in the derby db and it appears they are wrong > there. I don't know if > this > > is a portlet id issue or an indexing problem or > what, but I need a > > resolution before I can proceed to 2.2.1 > Of course, I have the exact > same > > configuration in 2.2.0 and am having no problem > there, but I also have > no > > SSOReverseProxyIFrame there. Any ideas? > > > > > > > > From: > > David Sean Taylor <[email protected]> > > To: > > Jetspeed Users List <[email protected]> > > Date: > > 08/17/2010 07:19 PM > > Subject: > > Re: SSO IFrame form authentication > > > > > > > > On Tue, Aug 17, 2010 at 1:40 PM, <[email protected]> > wrote: > > > How did your testing go? I compared SSO > Webcontent (which works, > sort > > of) > > > to SSO IFrame classes and I see a method > for preemptive login in the > > > webcontent class but no reference at all in > the SSO IFrame class. > Does > > > this just mean it is being done > differently, or is something amiss in > > > the > > > SSO IFrame class? > > > > There are two SSOIFrame classes: > > > > 1. SSOIFramePortlet > > 2. SSOReverseProxyIFramePortlet > > > > Suggest using the second one, > SSOReverseProxyIFramePortlet as it gives > > you features not available in the older > SSOIFramePortlet such as > > auto-resizing and form-based authentication > (what you are after) > > > > I tested with SSOReverseProxyIFramePortlet and > it worked in the > > example that comes with Jetspeed, but it takes a > little bit of > > configuration. > > > > First, ensure your Tomcat will need this > attribute set in the > > <Connector> element of server.xml: > > > > emptySessionPath="true" > > > > more detail here: > > > > http://portals.apache.org/applications/webcontent/index.html > > > > If you had to change server.xml setting, then > restart your server > > > > I took these steps to verify SSO with the > example form-based login > > that comes with Jetspeed: > > > > 1. login as admin > > 2. navigate to the Jetspeed Administration > space, SSO Management page, > > or just go here: > > > > http://localhost:8080/jetspeed/ui/Administrative/sso-admin.psml > > > > Add a new Site with following parameters: > > > > Site Name: Form Example > > Site URL: http://localhost:8080/j2-admin/examples/formauth.jsp > > Field name for User ID: user > > Field name For Password value: pass > > > > Press Save > > > > Add a new credential for this site in the > portlet on the right side > > (SSO Details): > > > > Portal Principal: admin > > Remote Principal: admin > > Remote Credential: admin > > > > Press Add > > > > You can verify that the remote credential > was added for the admin > > user by going here: > > > > http://localhost:8080/jetspeed/ui/my-account.psml > > > > see the portlet on the right "SSO Change > Passwords", a remote site > > entry should be there named "Form Example" > > > > Next, you can use the Toolbox to find the > Reverse Proxy Iframe Portlet > > by searching on "iframe" and then selecting it > from there and adding > > to a page. To make things simple, I just added a > page and then added > > the Reverse Proxy Iframe Portlet there. At first this > portlet seems to > > want to use Basic Authentication, so just hit cancel > when challenged. > > I then switched to edit mode (pencil icon), and > entered the following > > preferences: > > > > TITLE: My SSO Test > > SRC: http://localhost:$ {serverPort}${contextPath}/examples/formauth.jsp > > > > Press Save > > > > You should see in your portlet content something > like: > > > > "Hello, admin. You have been authorized by > form-based authentication > !!!" > > > > Give that a try and see if it works. Then, move on > to your specific > > IFrame source and let us know how it goes... > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [email protected] > > For additional commands, e-mail: [email protected] > > > > > > -- > > This message has been scanned for viruses and > > dangerous content by MailScanner, and is > > believed to be clean > (mailgw2:E659D1E6FC.D1395). > > > > > > > > > > This communication and any attachments are > confidential, protected by > > Communications Privacy Act 18 USCS § 2510, > solely for the use of the > > intended recipient, and may contain legally > privileged material. If you > > > are not the intended recipient, please return or > destroy it > immediately. > > Thank you. > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [email protected] > For additional commands, e-mail: [email protected] > > > -- > This message has been scanned for viruses and > dangerous content by MailScanner, and is > believed to be clean (mailgw2:9902C1E701.B0EA8). > > > > > This communication and any attachments are confidential, > protected by > Communications Privacy Act 18 USCS § 2510, solely for the > use of the > intended recipient, and may contain legally privileged > material. If you > are not the intended recipient, please return or destroy it > immediately. > Thank you. --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected] -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean (mailgw2:8B04D2A000C.7088C). This communication and any attachments are confidential, protected by Communications Privacy Act 18 USCS § 2510, solely for the use of the intended recipient, and may contain legally privileged material. If you are not the intended recipient, please return or destroy it immediately. Thank you.
