2 Replies Latest reply on Oct 29, 2008 12:46 PM by Micah Cleveland

    Single sign-on configuration with JAAS

    Ahmad Elhadidy Newbie

      Hi all,
      I want to integrate SSO with JAAS. I read a tutorial that helps with that and did the following:

      Add a context.xml file under WEB-INF for each .war I want to share in SSO.
      This is it:

      <?xml version="1.0" encoding="UTF-8"?>
      <Context path="/projectA1" docBase="./deploy/clusteredservlet.war">
       <!-- logoutURL - URL for performing logout/signout function in your application -->
       <Valve className="org.jboss.security.valve.SSOAutoLogout"
       logoutURL="{logoutURL of your application}"/>
       <!-- assertingParty - this is the partnerId of this application as a part of a federation of multiple partner sites -->
       <Valve className="org.jboss.security.valve.SSOTokenManager"
       <!-- tomcat built-in AuthenticationTypes: FORM,BASIC,DIGEST,CLIENT-CERT -->
       <Valve className="org.jboss.security.valve.SSOAutoLogin"
       authType="FORM" provider="si:jboss-sso:ldap:login"/>

      This is the jboss-web.xml file in each war:

      <?xml version="1.0" encoding="UTF-8"?>

      And this is the login module defined in login-config.xml in
      [jboss Home]\server\default\conf

       <application-policy name = "$webConsoleDomain">
        <authentication>
         <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule"
         flag = "required">
          <module-option name="usersProperties">web-console-users.properties</module-option>
          <module-option name="rolesProperties">web-console-roles.properties</module-option>
          <module-option name="provider">si:jboss-sso:ldap:login</module-option>
         </login-module>
        </authentication>
       </application-policy>

      In the previous file I added this line,
      as I understand from the tutorial, to make the login module use
      this provider to get user login data.
      After all that, the SSO doesn't work, where the second application requires login data
      after I log in to the first application.
      What is wrong? Or what is missing?

      Thanks in advance