INFO [SessionFacade ] Removing session A3C4FB0D88FB27AD54B642C8DD98A00E
time wrote:I handle the JForum database in my application, adding new users and managing their record. When a new user registers with my site, I create all of the necessary JForum records (including the user's group) and set the password using the password the user entered for my webapp.
I then remove the "register", "logout", and "My Profile" links under JForum. I subsume the JForum profile information into my user profile page, and handle the JForum database update within my app.
That's it. It works so well, I wish it was a standard.
I wanted my users to never see the JForum login. If you can explain how to accomplish this with SSO, I would love to hear it.
authentication.type=sso disables all register/login/recover password options in jforum menu.
whenever you access jforum authenticateUser() and isSessionValid() methods determine wether you are logged in or not on your main app. because i use a persistent login cookie thats what i used in those methods :-
I'm not disagreeing with anyone's aproach it's just that I used the built-in SSO stuff - and it took care of all you mentioned in above quote (cept login to forum at same time as login to host app) and its been trouble free.
Just like to use code if its already there.
conquest wrote:So Mark are you running all within the same context? ie did you just copy all the jforum files and merge the web.xml?[
MrNice sed wrote:I approach integrating jforum into existing app by simply creating a virtual host in tomcat with multiple contexts. I don't use the tomcat webapp folder - just install the /manager app context in the virtual host:
1. your app at context /
2. forum at context /forum
3. manager at context /manager (only allow LAN access)
then I use SSO for sign-on if required by the 'root' application. I find this approach very flexible and easy to manage.
Or perhaps this is getting messy.