On 12/09/2011 07:00 AM, Aaron Freeman wrote:


After more trial and error I was able to replace the <resin:Forward> with <path-mapping> and get the workaround working, but we still have to log in twice.

Any thoughts on what I might be missing for single sign-on to work?

Thanks,

Aaron

*From:*resin-interest-boun...@caucho.com [mailto:resin-interest-boun...@caucho.com] *On Behalf Of *Aaron Freeman
*Sent:* Friday, December 09, 2011 12:19 AM
*To:* General Discussion for the Resin application server
*Subject:* [Resin-interest] Single Signon Questions

Using Resin 4.0.23 we are trying to get single sign-on working per this link:

http://www.caucho.com/resin-4.0/admin/security-overview.xtp#SingleSignon

I have placed the resin:XmlAuthenticator at the host level. Per the example. Also tried this at both the host and cluster level:

<web-app-default>

<resin:FormLoginform-login-page=/"/login.jsp"//>

<session-configreuse-session-id=/'true'/ enable-cookies=/'true'/ enable-url-rewriting=/'false'/ cookie-domain=/'.mydomain.com'//>

</web-app-default>

We are able to log into:

<web-app id="/" ...>

But when we go to the next webapp which is defined as:

<web-app id="/birt" ...>


For the single-signon to work, you need a <resin:MemorySingleSignon/> at the <host> level, which will save the data (otherwise single-signon isn't enabled.)

The second problem is a trickier one. We could have a new absolute-form-login-page, which is relative to the server root, not the web-app.

-- Scott

It doesn't see that we are logged in and tries to send us to /birt/login.jsp which obviously doesn't exist. I have tried putting in resin:Forward to redirect to absolute-target="/login.jsp", but it appears the internal redirect from j_security_check doesn't "honor" resin:Forward rules.

I don't believe it should be redirecting in the first place though, if single signon works.

Any hints at what I am missing to get single signon working, or if it's not possible a work around to the fact that the /birt webapp is trying to call /birt/login.jsp instead of /login.jsp as defined in resin:FormLogin?

Thanks,

Aaron


_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to