1 Reply Latest reply on Nov 1, 2006 4:35 PM by Sohil Shah

    Partner Web Application

    Nipun Batra Newbie

      Hi

      Thanks for your response Sohil

      I have one more question

      I have Jboss running on machine A, and on this machine I install my jboss-federation-server-exploded.ear and jboss-federation-server.sar
      I also have one web application running on machine A.


      Now on machine B whcih is a remote machine with same domain, I have another web application running, So do we have to define somewhere that my main server is A.

      In the "JBoss Federated SSO - Federation Server Setup" it is mentiond that

      "Each security domain where partner sites are present must run an instance of the Federation Server. Then the Federation Servers between the security domains communicate with each other to exchange SSO Token assertions."

      Does this means that I have to install jboss-federation-server-exploded.ear and jboss-sso.sar on each jboss instance.

      Thanks for your help
      Nipun

        • 1. Re: Partner Web Application
          Sohil Shah Master

          Nipun-

          You need to install a single instance of the Federation Server per domain. So in your case since Machine A and Machine B are on the same domain,

          you can just install the federation-server.ear file on any one of them.


          You need to install jboss-sso.sar on both machines though.

          Just make sure in the jboss-sso.sar/conf/sso.cfg.xml you point to the Trust Server (which is the Federation Server also)

          <!-- sso processor for SingleSignOn, the default JBossSingleSignOn processor uses OpenSAML-1.0,
           the next version of this processor will use the latest SAML specification
           -->
           <sso-processor>
           <processor class="org.jboss.security.saml.JBossSingleSignOn">
           <property name="trustServer">http://node1.jboss.com:8080/federate/trust</property>
           </processor>
           </sso-processor>
          


          Here make sure the trust server points to the url where the federation server is installed.


          Just to clarify the binaries:

          jboss-federation-server.ear is the federation server (one per domain)
          jboss-federation-server-exploded.ear is same but exploded ear file
          jboss-sso.sar - sso service archive (must be installed on all partner instances)


          Thanks
          Sohil