permaculture playing cards*
The moose likes JForum and the fly likes sso(my app) 1stuser login and logout 2nd user login it show  Connected users:1st login userinfo Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of OCM Java EE 6 Enterprise Architect Exam Guide this week in the OCMJEA forum!
JavaRanch » Java Forums » Products » JForum
Bookmark "sso(my app) 1stuser login and logout 2nd user login it show  Connected users:1st login userinfo" Watch "sso(my app) 1stuser login and logout 2nd user login it show  Connected users:1st login userinfo" New topic
Author

sso(my app) 1stuser login and logout 2nd user login it show Connected users:1st login userinfo

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi Norbert,


Thanks for u r help.
i have implemetner SSO as bellow following

public class MyuserSSO implements SSO { // you must implement met.jforum.sso.SSO

static final Logger logger = Logger.getLogger(MyuserSSO.class.getName()); // init logging
private String username=null;

private Connection conn;
public String authenticateUser(RequestContext request) { // required method


HttpServletRequest req=(HttpServletRequest)request;
HttpSession session =req.getSession();
username=session.getAttribute("email").toString();


net.jforum.entities.User user=null ;

String mysession=session.getAttribute("auto-login").toString();
System.out.println("mysession-->"+mysession);
if(mysession!=null){
session.removeAttribute("auto-login");

String users=null;
DataSourceConnection dsc =null;
try{
dsc = new DataSourceConnection(); // my apps database
dsc.init();
conn = (Connection) dsc.getConnection();
DAOManager managerDAO =new DAOManager();

managerDAO.getUserDAO(conn);
user = managerDAO.getUserByName(username);

username=user.getUsername();


}catch(Exception e){
e.printStackTrace();
}
finally{
try{
dsc.releaseConnection(conn);
}catch(Exception e){}
}


session.setAttribute("password", user.getPassword()); // set correct password
session.setAttribute("email", user.getUsername()); // and email address (my username)
Cookie cookie = new Cookie("JforumSSO", user.getUsername());
cookie.setMaxAge(60*60*1);
cookie.setPath("/");
JForumExecutionContext.getResponse().addCookie(cookie);


if (user == null ) {
logger.warn("***DISABLED_ATTEMPT on Forum: "+user.getUsername()); // log disabled attempt.
return null;
}else{
return username;
}

}else{
return null;
}

}

public boolean isSessionValid(UserSession userSession, RequestContext request) {
String remoteUser = null;
Cookie SSOCookie = ControllerUtils.getCookie("JforumSSO");
if (SSOCookie != null) remoteUser = SSOCookie.getValue(); // jforum username

// user has since logged out
if(remoteUser == null &&
userSession.getUserId() != SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;

// user has since logged in
} else if(remoteUser != null &&
userSession.getUserId() == SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;

// user has changed user
} else if(remoteUser != null && !remoteUser.equals(userSession.getUsername())) {
return false;
}
return true; // myapp user and forum user the same
}


}


Can u Please tell where i need to modify

Note : i am not interesting to store in cookies is any alternative solutions .
[originally posted on jforum.net by gopal.g]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi

I have implemented SSO for Single Sign On for my application login.
it working fine. The problem is when a user login to my application and he done some operation on form and he logout using my application logout fueature, and again 2 user login and he went forum link it showes
"Connected users:1st login userinfo "


any body help please .


Thanks,
Gopal.G
[originally posted on jforum.net by gopal.g]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi,

I think I had a similar problem recently. Do you have cookies enabled?
When your application loggs out you need to delete the JForumSSO Cookie which is used in the example code of how to implement SSO.

The method checks for the cookie which is still alive.
I actually could not delete it. I guess the of JForum wrote it again.

I couldn't find a way to delete the userSession when logging out of my application.

I finally just used the regular HTTPSession to check the user from my application with the user in the JForum userSession. That way a user who disabled cookies has no problems.

Hope that helps.

@ everyone else: I'm still interested in how to delete the userSession. I tried to use the JForum API but I always got an Exception.

Norbert
[originally posted on jforum.net by TheSmile]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Well,

your code still looks like the sample SSO implementation.
Here's what I did:



Norbert
[originally posted on jforum.net by TheSmile]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Thanks Norbert

I have done with r u help.
[originally posted on jforum.net by gopal.g]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
Hi Norbert,

Can you plz guid how to implement Logout for SSO.



I have implemented as
SessionContext session2 = JForumExecutionContext.getRequest).getSessionContext();
session2.invalidate();
in my logout.java But this is not for working any sample code plz.



Thank you,
Gopal.G




[originally posted on jforum.net by gopal.g]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: sso(my app) 1stuser login and logout 2nd user login it show Connected users:1st login userinfo