Jignesh Badani <[EMAIL PROTECTED]> writes: > Hi, am just a week into Jetspeed. We have a SSO (Single Sign On) > infrastructure using SiteMinder (Netegrity) and would like to integrate > Jetspeed into the same.Currently running JetSpeed 1.4
The problem looks simple, but it is not. 1. User information. Don't you want to re-use user information from SiteMinder? Then you have to somehow serve and/or fill-up instances of JetspeedUser to Jetspeed. Depending on your need, this may require you to extend JetspeedUser, and also override default authentication code. 2. User's role & group information. The role and group information is exclusive to Jetspeed. Somehow you must make an association that user A has role B,C,D and is in group E. 3. Depending on how you override the default security service, you may need to implement Permission Management: assigning previleges to each role. Sounds complex? It is not. Simply go to http://jakarta.apache.org/jetspeed/site/security.html and implements the needed interfaces (from your description, at least the following interfaces must be implemented: PortalAuthentication, and UserManagement). And if you need to extend JetspeedUser, that page also tells you a common way to do it. > Now I could put in my code in the login method of JetSpeedAuthentication to achieve > SSO here but: > > 1. Modifying the JetspeedAuthentication class, is it recommended ? Don't. JetspeedAuthentication will call your implementation of PortalAuthentication interface. > 2. If yes, how do I invoke this class/code when some user (already > authenticated by 3rd party) clicks on the Portal link http://xyz.com/JetSpeed/Portal Parameterise your call. The default login code expect the parameters "username" and "password", e.g.: http://xyz.com/jetspeed/portal/portal?action=JLoginUser&username=xxx&password=xxx (for your case, password is an optional parameter). > 3. Or is there a better way to achieve SSO ? Is there a Login Portlet or > due in the next release ? I think what they mean by 'Login portlet' is simply a {Velocity,JSP,HTML}portlet that is basically contain something like: <DIV ALIGN="left"> <form method="POST" action="$link" enctype="application/x-www-form-urlencoded"> <INPUT NAME="$jlink.ActionKey" TYPE="hidden" VALUE="$config.getString("action.login")" /> <TABLE> <TR> <TD>User ID:</TD> <td> <input value="" name="username" maxlength="25" type="text" tabindex="1" style="font-size:10"> </td> </TR> <TR> <TD>Password:</TD> <td> <input value="" name="password" maxlength="25" type="password" tabindex="2" style="font-size:10"> </td> </TR> </TABLE> </FORM> </DIV> The above snipped is using Velocity (thus must be in VelocityPortlet). Hope this helps you, YS. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
