6 Replies Latest reply on Mar 7, 2007 4:08 AM by Johan Wasserman

    Flexing JBoss Portal - Q1

    Johan Wasserman Newbie

      I'm new to Felx and JB Portal (about a month on each), and have to develop this sexy app. I insisted on using JB Portal and Flex....

      Using Portal 2.4.0 GA, on JBoss 4.0.5 GA, FLex Builder 2, MySQL, LDAP (Apache DS), and have the LDAP login thing configured and working (I need to optionally extend the login thing as well by supplying the company id as a third parameter to login, that will search the subtree of the company [o=companyID] for the user).

      Now I'd like to replace the User Portal with a Fex login app (instead of redirecting to the (sory guys) "ugly" login page provided by portal.

      I need a startoff, where or what do I use to acheive this.

      I was thinking of using the login.jsp ([JBP-install]/server/defualt/deploy/jboss-portal.sar/portal-server.war/login.jsp) and HTTPService on Flex to call the jsp, but when I use the jsp I get an ugly:
      HTTP Status 400 - Invalid direct reference to form login page
      The request sent by the client was syntactically incorrect (Invalid direct reference to form login page).

      Anyone done this, or busy doing this, or have a good idea of how to do this, help would be greatly appreciated. (Since time is against me and I've been putting something small on a block to get these wonderfull technologies to provide a solution)

      Thank you, dankie, faleminderit, merci, chokrane, Barak Allahu fiik, chnorakaloutioun, tesekkur edirem, a ni kié, milesker, dziakuju, dhanyabaad, a ni kié, hvala, trugéré, merci / blagodaria, (thint ko) kyay tzu, tin pa te, gràcies, salamat, xièxie, grazie, hvala, dekuji, tak, dank u wel, dankon, tänan, akpé, takk fyri, vinaka, kiitos, merci, dankewol, gracie, gracias, danke, efharisto, aguyjé, aabhar, mèsi, mahalo, toda, dhanyavad, köszönöm, takk, terima kasih, go raibh maith agat, grazie, arigatô, tanemirt, dhanyavadagalu, akun, murakoze, kam sah hamnida, sobodi, tenki, spas, khob chai, gratias ago, paldies, choukrane, aciu, dank ju wel, merci, blagodaram, misaotra, terima kasih, nanni, grazzi, aabhar, bayarlalaa, takk, mercé, danki, mersi, dziekuje, obrigado, najis tuke, multumesc, spacibo, faafetai lava, gratzias, tapadh leibh, hvala, waita, meharbani, stuutiyi, dakujem, hvala, hvala, gracias, asante, tack, salamat po, mauruuru, nanedri, rahmat, kop khun krap, yekeniele, sagolun, tau
      diakuiu, shukriya, merci, diolch, mèsi, djiere dieuf, enkosi, a dank, o sheun, ngiyabonga
      In Advance

        • 1. Re: Flexing JBoss Portal - Q1
          Thomas Heute Master

          No you shouldn't call login.jsp directly, it cannot work. You are redirected to this page when you try to access a protected resource.

          The configuration of the form-login-page is in portal-server.war/WEB-INF/web.xml

          You could point to your flex page, but your flex form would need to call j_security_check as done in login.jsp

          I don't know flex so i can't tell if at the end you can make it work or not. Let us know if you succeed.

          • 2. Re: Flexing JBoss Portal - Q1
            Antoine Herzog Master

            hello,

            yes, you can (and it is a good way to) use the login.jsp.
            the file is defined in the web.xml.
            for any reason I don't know, I could not have it work with another name of file, replacing this file name.
            so better just to keep this file name and modify the file.

            I don't know the flex things, but what you can do is :
            a) modify the login.jsp to show a "nice" login window.
            b) put in the login.jsp a redirection (meta refresh) to send the user to whatever authentification application you want. You just have to go back from this application with provided the right things for tomcat : ie : the principal and the group.

            both are working.
            the b) option is more heavy to build and to tune to have work properly. It is only needed if you have to authenticate with special means (card, code number from a list, etc...) that are not provided as standard authentication by tomcat.

            the other question is : do you really need Flex things "in the middle of authentification process" ?
            if so, you may look also at SSO, to get the authentification propagated.

            also : for LDAP, version 2.6 (alpha 2) propose some authentification based on LDAP. You may want to look at it, at how it works.

            hope it helps...

            • 3. Re: Flexing JBoss Portal - Q1
              Antoine Herzog Master

              posted the same time as Thomas.

              when I say :
              yes, you can (and it is a good way to) use the login.jsp.
              the file is defined in the web.xml.

              that is : not calling it directly, but letting tomcat do it in its login process....
              as Thomas noted it.

              look at tomcat authentification process to see more of how the whole thing works...

              • 4. Re: Flexing JBoss Portal - Q1
                Johan Wasserman Newbie

                Thanks Thomas, Antoine

                Your answers gave me a good idea of what to do, but now I have a stupid question, where is the origin of j_security_check?

                See, with Flex you can use Remote Objects, you write an action script and declare your remote object, with parameters, and then I would be able to use j_security_check much like in the jsp.

                Example:
                I have a bean (using himernate)
                package pah.to
                public class User {
                private String username;
                public User();
                public User(String username) { this.username = username; }
                public String getUsername() { return this.username; }
                public void setUsername(String username) { this.username = username; }
                }

                In Flex I decalre an Action Script
                package com.blah {
                [Managed]
                [RemoteClass(alias="path.to.User")]
                public class User {
                public function User() {}
                public function setUsername(username:String);
                public var username:String;
                }

                (note, mistakes above are accidental, the code above is just provided for quick and dirty illustrative purpose and might not be 100% correct)

                Get the idea so far? Ok, no I can call setUsername in my flex app.
                I know that was a quick and dirty, and hope it helps you to see what I am looking for. I need a package to make an ActionScript Class off so I can call j_security_check.... or am I missing the ball tragically?

                • 5. Re: Flexing JBoss Portal - Q1
                  Johan Wasserman Newbie

                  Thanks guys, I think I found the solution, will post it here in a couple of hours, but before I waste more time, the most important question:

                  Should I provide the login.jsp as a portlet in the User Portlet, in other words, the user portlet itself contains the login.jsp instead of redirecting to it, and I log in, would that work?

                  • 6. Re: Flexing JBoss Portal - Q1
                    Johan Wasserman Newbie

                    Nope, heven't been able do it. Now I have a lovely Flex login form, and I can post to j_security_check, but I cant access this form from the portal due to flex's requirements.... I have to figure out how to point the login jsp to another (accepted) location.

                    Currently in []/jboss-portal.sar/portal-server.war/WEB-INF/web.xml there are two entries pointing to the login page (also see the change I tried):
                    Note:
                    http://localhost/portal/
                    http://localhost/ware/...

                    <servlet-mapping>
                    <servlet-name>jsp</servlet-name>
                    <url-pattern>/login.jsp</url-pattern>
                    <!--url-pattern>/ware/login/login.jsp</url-pattern-->
                    </servlet-mapping>
                    <login-config>
                    <auth-method>FORM</auth-method>
                    <realm-name>JBoss Portal</realm-name>
                    <form-login-config>
                    <form-login-page>/login.jsp</form-login-page>
                    <!--form-login-page>/ware/login/login.jsp</form-login-page-->
                    <form-error-page>/error.jsp</form-error-page>
                    </form-login-config>
                    </login-config>