[
https://issues.apache.org/jira/browse/OFBIZ-6963?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=15763613#comment-15763613
]
Shi Jinghai commented on OFBIZ-6963:
------------------------------------
Great! Hope to see your patch soon.
CAS SSO is promising, and with Shiro, you can make OFBiz be a OAuth2 provider.
BTW, you can also replace the current externalLoginKey to TGC value.
> Single sign-on to OFBiz with CAS
> --------------------------------
>
> Key: OFBIZ-6963
> URL: https://issues.apache.org/jira/browse/OFBIZ-6963
> Project: OFBiz
> Issue Type: Improvement
> Components: ALL APPLICATIONS
> Affects Versions: Trunk
> Reporter: james yong
>
> OFBiz is made up of several web applications.
> To allow the user to sign in only once, a unique token value is presented for
> verification each time the user navigates to an unvisited web application.
> This approach has the following limitations:
> 1) You cannot work with multiple windows, as there is only 1 valid token
> value at any time and other token values will be invalid in older-opened
> windows.
> 2) There is a need to refresh the whole page, so that all links will contain
> the valid token value.
> 3) Not easy to compose a page that get contents from different web
> applications in OFBiz
> Adding CAS SSO component as a core into OFBiz will remove the limitations
> mentioned above.
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
