File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes JForum and the fly likes SSO IMPLEMENTATION Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Products » JForum
Bookmark "SSO IMPLEMENTATION" Watch "SSO IMPLEMENTATION" New topic
Author

SSO IMPLEMENTATION

Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
hi,

i am trying to make sso for my site,i have configured what jforum tells.and i have used CookieUserSSo class.

when i logged in (site login) and entered into jforum .but didnt display user list , it didnt create create user on the fly ,

please guide me to set sso for my site .

The documentation says that if the username returned from authenticateUser() does not have an associated userid, then one is created on the fly. Does this mean that the username is added to the jforum_users table, permanently?


ashok

[originally posted on jforum.net by askr03]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
I can help u.
Here the CookieUSERSSO i used :
package net.jforum.sso;

import javax.servlet.http.Cookie;
import net.jforum.context.RequestContext;
import net.jforum.JForumExecutionContext;
import net.jforum.ControllerUtils;
import net.jforum.entities.UserSession;
import net.jforum.util.preferences.ConfigKeys;
import net.jforum.util.preferences.SystemGlobals;
import org.apache.log4j.Logger;
//JForumExecutionContext.getRequest()
//JForumExecutionContext.getRequest().getSession()
public class CookieUserSSO implements SSO {

static final Logger logger = Logger.getLogger(CookieUserSSO.class.getName());

public String authenticateUser(RequestContext request) {
// myapp login cookie, contain logged username
Cookie myCookie = ControllerUtils.getCookie("JForumSSO");
String username = null;

if (myCookie != null) {
username = myCookie.getValue();
}


return username; // jforum username
}

public boolean isSessionValid(UserSession userSession, RequestContext request) {
Cookie SSOCookie = ControllerUtils.getCookie( SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER ));
// myapp login cookie
String remoteUser = null;

if (SSOCookie != null) {
remoteUser = SSOCookie.getValue(); // jforum username
}

// user has since logged out
if(remoteUser == null && userSession.getUserId() != SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has since logged in
} else if(remoteUser != null && userSession.getUserId() == SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has changed user
} else if(remoteUser != null && !remoteUser.equals(userSession.getUsername())) {
return false;
}

return true; // myapp user and forum user the same
}
}

compile that java file and put it into net/jforum/sso folder.


then u should make sso enable on SystemGlobals.properties file :
make some changes on ;
find : "authentication.type" and convert to ;
authentication.type = sso

sso.implementation = net.jforum.sso.CookieUserSSO

When you want to create user just use :
simple login :
login.jsp ;
<% <br /> Cookie cookie = new Cookie("JForumSSO","TestUser"); <br /> cookie.setMaxAge( -1 ); <br /> cookie.setPath( "/" ); <br /> response.addCookie( cookie ); <br /> out.flush(); <br /> response.sendRedirect("http://www.mywebsite.com/jforum"); <br /> return; <br /> %>

when u enter login.jsp ; TestUser will be created on forum
if this user is not created already.
But if TestUser is already created and user entered login.jsp ;
so user will just login.
U may ask when user get created whats default password and user information given ;

look at SystemGlobals.properties ;
sso.default.email = sso@user
sso.default.password = sso

Well , if u want to set them manually , u should use DAO or Temporary DB for user...
Also this login type is so vulnerable not secure.
Everybody can hack u easy.
I'll make some modifications and give u too when i done all.
Take care...
[originally posted on jforum.net by kadirbasol]
Migrated From Jforum.net
Ranch Hand

Joined: Apr 22, 2012
Posts: 17424
i have configured before i saw u answer ,

thank u very much for ur reply ,i need ur help to enter as admin login , i am using hsqldb



[originally posted on jforum.net by askr03]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: SSO IMPLEMENTATION