aspose file tools*
The moose likes JForum and the fly likes Cookie-based SSO and v2.1.7 Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JForum
Bookmark "Cookie-based SSO and v2.1.7" Watch "Cookie-based SSO and v2.1.7" New topic
Author

Cookie-based SSO and v2.1.7

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
I understand there are some issues with SSO as documented on this site, especially for JForum v2.1.7. Can someone please point me in the right direction for the next step?

Here's where I am.

I've got Eclipse v3.2.2
I'm using j2sdk1.4.2_12
I've gotten the source from the downloadable zip.
I've gotten the missing 5 .jar files from the CVS.

I've gotten to the point where the existing stuff will rebuild without errors - just 90 warnings.

I've created a MyUserSSO.java using the code in this thread:

http://www.coderanch.com/t/576580


I show an import that cannot be resolved:

import net.jforum.ActionServletRequest;

I find this file in the CVS only by viewing dead files.

Again, please, does ANYONE have a working version of simple cookie-based SSO for JForum v2.1.7?

Please?

I'll trade you for some Oracle consulting time. Really!

Thanks,
Jennifer

p.s. I posted the bulk of this message earlier, in the Questions category, and got no response at all. Is there any option for paid support of this product? Is anyone out there well enough versed in JForum to take on a paid support role?
[originally posted on jforum.net by jenamon]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Jennifer,

exactly what is it what you are trying to achieve? Should a user logon in a different part of your website and thus also be logged in at the forum ? Or is a user authenticated first again an ldap server or something like that ?


[originally posted on jforum.net by jax]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Actually, I've gotten past that step. Once I get it working, if I ever get it working, I'll post the working code back to the list. For those still trying, the clue is in the fact that your MyUserSSO must implement SSO. So, make the request parameter match what's in the SSO code. They've broken out the JForum and Web request context stuff, and changed/replaced it - hence the deprecated code. So, I've gotten past that error. If I don't stumble again over something, I should have a working version soon.

So, I guess they were right. If they ignore the pleas for help, the users will either go away or (eventually) figure it out themselves.

Jennifer
[originally posted on jforum.net by jenamon]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
I've got it working, believe it or not. Here's the working code for MyUserSSO.java:



The cookie name can be whatever you want it to be. It's used only here.

The user DOES show up as a registered user, i.e. Judy vs. anonymous, but the email gets set to sso@user, and the user cannot change it in the "My Profile" page. I tried setting the email address directly into the database from my front-end web app, and that works.

The password gets set to "sso" instead of an encrypted value, and the user cannot change that in the "My Profile" page.

I will likely try to change the My Profile page so that the user doesn't even see the options to change the email address or the password if they are logged in via SSO.

More work to do, but at least FINALLY getting close.


[originally posted on jforum.net by jenamon]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Cookie-based SSO and v2.1.7