-
1. Re: problem about cas sso:DBIdentityLoginModule can not get
soshah Aug 29, 2008 10:40 AM (in response to sportsbaby1980)Are you following the CAS integration instructions here:
http://docs.jboss.com/jbportal/v2.6.6/referenceGuide/html/sso.html#d0e13189
If not, please do this as a baseline for success, and then customize whatever you need to on your end
Note, make sure you are using CAS 3.0.7. I think the higher versions of CAS are incompatible with this approach of integration, since their App Server integration have changed
Thanks
Sohil -
2. Re: problem about cas sso:DBIdentityLoginModule can not get
sportsbaby1980 Aug 31, 2008 11:10 PM (in response to sportsbaby1980)thanks Sohil.
yes.
I have read the articles I can find about cas sso for jboss portal and successed.
Now,what I want to do is use our db instead of portal db as the user data of sso.
because our user password is custom encrypted ,so org.jboss.portal.identity.crm.DBIdentityLoginModule
can not authenticate successfully,
so should be decrypted it before authentication.
I have do a test:
write a sub class of IdentityLoginModule and DBIdentityLoginModule,just override the validatepassword(String inputpassword,String expectedpassword) method ,log the value of the parameters.
In the validatepassword method,the value of input password parameter is null.
But with the IdentityLoginModule provided by portal,it still ahtenticates successfully.
I have downloaded the jboss-4.23-src,
try to trace the login method and see what happened . -
3. Re: problem about cas sso:DBIdentityLoginModule can not get
sportsbaby1980 Aug 31, 2008 11:13 PM (in response to sportsbaby1980)the class I write:
import javax.security.auth.login.LoginException; import org.apache.log4j.Logger; import org.jboss.portal.identity.auth.IdentityLoginModule; public class CRMIdentityLoginModule extends IdentityLoginModule{ private static final Logger logger = Logger.getLogger(CRMIdentityLoginModule.class); @Override protected boolean validatePassword(String inputPassword, String expectedPassword) { logger.info("inputPassword="+inputPassword+",expectedPassword="+expectedPassword); return super.validatePassword(inputPassword, expectedPassword); } @Override protected String[] getUsernameAndPassword() throws LoginException { String [] strs = super.getUsernameAndPassword(); for(String str:strs){ logger.info("str==="+str); } return strs; } @Override protected String createPasswordHash(String username, String password, String arg2) throws LoginException { logger.info("arg0==="+username); logger.info("arg1==="+password); logger.info("arg2==="+arg2); return super.createPasswordHash(username, password, arg2); } }
result: 10:55:15,765 INFO [CRMIdentityLoginModule] str===029 10:55:15,765 INFO [CRMIdentityLoginModule] str===null 10:55:15,765 INFO [CRMIdentityLoginModule] inputPassword=null,expectedPassword=
-
4. Re: problem about cas sso:DBIdentityLoginModule can not get
sportsbaby1980 Aug 31, 2008 11:42 PM (in response to sportsbaby1980)In IdentityLoginModule,
protected boolean validatePassword(final String inputPassword, String expectedPassword) { HttpServletRequest request = null; try { request = (HttpServletRequest) PolicyContext.getContext("javax.servlet.http.HttpServletRequest"); } catch(Exception e) { log.error(this,e); throw new RuntimeException(e); } Object ssoSuccess = request.getAttribute("ssoSuccess"); if(ssoSuccess != null) { return true; }
I think I find it.
If sso,just return true.
So I can do the same in the DBIdentityLoginModule.
yes or no? -
5. Re: problem about cas sso:DBIdentityLoginModule can not get
sportsbaby1980 Sep 1, 2008 2:31 AM (in response to sportsbaby1980)import javax.security.auth.login.LoginException; import javax.security.jacc.PolicyContext; import javax.servlet.http.HttpServletRequest; import org.jboss.portal.identity.auth.DBIdentityLoginModule; public class CRMDBIdentityLoginModule extends DBIdentityLoginModule { @Override protected boolean validatePassword(String inputPassword, String expectedPassword) { // logger.info("inputPassword=="+inputPassword); // logger.info("expectedPassword=="+expectedPassword); HttpServletRequest request = null; try { request = (HttpServletRequest) PolicyContext .getContext("javax.servlet.http.HttpServletRequest"); } catch (Exception e) { log.error(this, e); throw new RuntimeException(e); } Object ssoSuccess = request.getAttribute("ssoSuccess"); // logger.info("ssoSuccess=="+ssoSuccess); if (ssoSuccess != null) { return true; } return super.validatePassword(inputPassword, expectedPassword); } @Override protected String createPasswordHash(String username, String password, String arg2) throws LoginException { return password; } }
-
6. Re: problem about cas sso:DBIdentityLoginModule can not get
teddyliu Aug 24, 2009 10:13 PM (in response to sportsbaby1980)I have the exactly same problem with you. have you resolved the it. I really want know how to deel with this.