-
1. Re: How to authenticate within portlet?
bsmithjj Sep 29, 2005 9:13 AM (in response to marec)I have solved this problem using JBoss Portal - my solution is sketched out here. The basis of the solution is you will need to do 3 things.
1. Develop your main portal page including login portlet. Create appropriate security constraints in web.xml (require FORM based authentication, etc.) - our 'main' portal page (and portlets) will be
packaged in .war file and we access it under the context:
http://myserver:myport/portal/myportal/index.html
a.) in your web.xml (I modified JBoss's jboss-portal.sar/portal-server.war/WEB-INF/web.xml as I wanted to replace the entire look-and-feel of the portal and apply my security constraints - you can make similar modifications to your own portal web.xml. ), add security constraints for your page:<?xml version="1.0"?> <!DOCTYPE web-app PUBLIC "-//Sun Microsystems, Inc.//DTD Web Application 2.3//EN" "http://java.sun.com/dtd/web-app_2_3.dtd"> <web-app> .... <security-constraint> <web-resource-collection> <web-resource-name>Authenticated</web-resource-name> <description></description> <url-pattern>/myportal/*</url-pattern> </web-resource-collection> <auth-constraint> <role-name>Authenticated</role-name> </auth-constraint> </security-constraint> ... <login-config> <auth-method>FORM</auth-method> <realm-name>Odyssey SMF Portal</realm-name> <form-login-config> <form-login-page>/login.jsp</form-login-page> <form-error-page>/login.jsp</form-error-page> </form-login-config> </login-config> <security-role> <role-name>Authenticated</role-name> </security-role> </webapp>
b. Sample view.jsp for your login portlet (which use in both your main portal and your login portal) SEE NEXT POST - OUT OF SPACE HERE
2. Develop a second portal, let's call it /login/*, packaged in its own war - this second portal needs a copy of the page you designed in step 1. and it needs to be created as the default page (in login-portal.xml) for /login/*. We will access (indirectly - described below) using this URL:
http://myserver:myport/portal/login/
3. Modify your JBoss Portal installation:
a.) In */jboss-portal.sar/portal-server.war/login.jsp change it to redirect to your login portal (here is my login.jsp)<% response.sendRedirect("/portal/login/"); %>
b.) Create */jboss-portal.sar/portal-server.war/logout.jsp and put this code in it:<% session.invalidate(); response.sendRedirect("/portal/myportal/"); %>
NOTE: -
2. Re: How to authenticate within portlet?
bsmithjj Sep 29, 2005 9:22 AM (in response to marec)LoginPortlet's view.jsp
.... <portlet:defineObjects/> <c:choose> <!-- NOTE MISSING $ !!! - BB BLOWS UP IF I PUT IT HERE --> <c:when test="[DOLLAR SIGN HERE]{empty renderRequest.remoteUser}"> <form method="POST" action="j_security_check" onsubmit="checkLogin(this);"> <b>Login</b><br/><br/> <table width="100%" cellpadding="0" cellspacing="0"> <tr> <td align="right" width="100"> Username: </td> <td align="left"> <input type="text" name="j_username" value=""/> </td> </tr> <tr> <td align="right" width="100"> Password: </td> <td align="left"> <input type="password" name="j_password" value=""/> </td> </tr> <tr> <td colspan="2" align="center"> <input type="submit" name="login" value=" Login "/> </td> </tr> </table> </form> </td> </tr> </c:when> <c:otherwise> <tr> <td align="left"><span class="portlet-form-field-label">Logged in as: </span><span>[DOLLAR SIGN HERE]{renderRequest.remoteUser}</span></td> <td align="right"><a href="/portal/logout.jsp">Logout</a></td> </tr> </c:otherwise> </c:choose>
-
3. Re: How to authenticate within portlet?
bsmithjj Sep 29, 2005 9:28 AM (in response to marec)Another point, here are the contents of my login.war:
bash-2.05b$ jar tvf login.war 0 Thu Jul 21 11:48:44 EDT 2005 META-INF/ 398 Thu Jul 21 11:48:42 EDT 2005 META-INF/MANIFEST.MF 0 Thu Jul 21 11:48:40 EDT 2005 WEB-INF/ 57 Thu Jul 21 11:38:32 EDT 2005 WEB-INF/jboss-app.xml 440 Thu Jul 21 11:38:12 EDT 2005 WEB-INF/jboss-web.xml 3771 Thu Jul 21 11:37:44 EDT 2005 WEB-INF/login-portal.xml 586 Thu Jul 21 11:48:40 EDT 2005 WEB-INF/web.xml
Note there is no code(or pages) it simply references the portlets deployed in my main portal