• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Assorted SSO questions

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
We have the following requirements for Forum software and whilst the software we use at the moment meets these requirements it is a headache to maintain as half is VBScript which can be changed and half is in a binary which cannot.

We are interested JForum meet these requirements. If not would it require much changing to make it do so.

The basic need is to have forums for a number of different, independent sites running on one installation of JForum. These forums should be completely isolated and and a user of one should be unaware of the existence of another. Each forum should be able to have it's own, unique style.

The users will be logged into JForum using SSO, and they should not be aware that the forum is an independent system.

So, the questions are

  • Can SSO associate a newly created user with a runtime associated group?
  • Can the forum/user be allocated a style sheet?
  • [/list]
  • Is it possible to have users of one forum be completely unaware of the existence of another forum on the JForum installation?
  • Can the users be denied access to SSO defined settings (such as username/password/style sheet?


  • Many thanks.





    [originally posted on jforum.net by stront]
     
    Migrated From Jforum.net
    Ranch Hand
    Posts: 17424
    • Mark post as helpful
    • send pies
      Number of slices to send:
      Optional 'thank-you' note:
    • Quote
    • Report post to moderator
    What you want can be done because I've done it integrating jForum with our application. More details below:


  • Can SSO associate a newly created user with a runtime associated group?


  • A lot depends on how you're users and groups are defined, etc. But the basic answer is yes, with some coding. Mapping user info with jForum user info is fairly straight forward.

    Mapping groups depends on how "tightly" you want them integrated and what your specific needs are. For example, it's easy to say: If an SSO user does not exist in jForum, then create a matching user and based on the current state of that users remote groups, add them to matching jForum groups.

    But if you want tighter integration that allows jForum to know when the SSO users' groups/info changes, you will need to delve into the various User and Group DAO implimentations and do your own linkage. How hard this is depends on how good you are at mucking about in other folks code.


  • Can the forum/user be allocated a style sheet?



  • The easiest way to link a forum into an existing "site" is to use an iframe to display just the forum listing info and wrap it with your sites "style". It's easy to edit the jForum templates to eliminate the navigation you don't want, set the general style to a neutral tone that will fit with most sites.

    The next possibility is to modify the templates and calling actions to include enough info to determine which style sheet to include in the template header.

    What is not possible now, but will be in the future, is to specify a different set of template files on a per category/forum level.


  • Is it possible to have users of one forum be completely unaware of the existence of another forum on the JForum installation?



  • Yes, and the security model also supports this. However, the admin functions currently are not very user friendly for maintaining forum level security (everything is done by groups). It's possible it just takes some forethought and admins that understand exactly what they are doing.


  • Can the users be denied access to SSO defined settings (such as username/password/style sheet?



  • The quick way to do this is to edit the templates and remove any navigational links you don't want them to see. If you are tightly integrated with your own DAO stuff, it's possible just to throw exceptions on the "add" or "update" functions and force admins and users who find the back doors to use the main application's function.

    How easy this is depends a lot on your specific application security layout and how good your Java skills are.
    [originally posted on jforum.net by monroe]
     
    reply
      Bookmark Topic Watch Topic
    • New Topic