Perfect, you might pass a note for someone to upgrade the Single Signon docs
in that link I referenced below.

 

As for the second part, the path-mapping works great so I wouldn't worry
about adding a new param.

 

Thanks,

 

Aaron

 

 

From: resin-interest-boun...@caucho.com
[mailto:resin-interest-boun...@caucho.com] On Behalf Of Scott Ferguson
Sent: Monday, December 12, 2011 6:22 PM
To: resin-interest@caucho.com
Subject: Re: [Resin-interest] Single Signon Questions

 

On 12/09/2011 07:00 AM, Aaron Freeman wrote: 

After more trial and error I was able to replace the <resin:Forward> with
<path-mapping> and get the workaround working, but we still have to log in
twice.

 

Any thoughts on what I might be missing for single sign-on to work?

 

Thanks,

 

Aaron

 

 

From: resin-interest-boun...@caucho.com
[mailto:resin-interest-boun...@caucho.com] On Behalf Of Aaron Freeman
Sent: Friday, December 09, 2011 12:19 AM
To: General Discussion for the Resin application server
Subject: [Resin-interest] Single Signon Questions

 

Using Resin 4.0.23 we are trying to get single sign-on working per this
link:

 

http://www.caucho.com/resin-4.0/admin/security-overview.xtp#SingleSignon

 

I have placed the resin:XmlAuthenticator at the host level.  Per the
example.  Also tried this at both the host and cluster level:

 

<web-app-default>

      <resin:FormLogin form-login-page="/login.jsp"/>

      <session-config reuse-session-id='true' enable-cookies='true'
enable-url-rewriting='false' cookie-domain='.mydomain.com'/>

</web-app-default>

 

We are able to log into:

 

<web-app id="/" .>

 

But when we go to the next webapp which is defined as:

 

<web-app id="/birt" .>


For the single-signon to work, you need a <resin:MemorySingleSignon/> at the
<host> level, which will save the data (otherwise single-signon isn't
enabled.)

The second problem is a trickier one. We could have a new
absolute-form-login-page, which is relative to the server root, not the
web-app.

-- Scott




 

It doesn't see that we are logged in and tries to send us to /birt/login.jsp
which obviously doesn't exist.  I have tried putting in resin:Forward to
redirect to absolute-target="/login.jsp", but it appears the internal
redirect from j_security_check doesn't "honor" resin:Forward rules.

 

I don't believe it should be redirecting in the first place though, if
single signon works.

 

Any hints at what I am missing to get single signon working, or if it's not
possible a work around to the fact that the /birt webapp is trying to call
/birt/login.jsp instead of /login.jsp as defined in resin:FormLogin?

 

Thanks,

 

Aaron

 
 
_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

 

_______________________________________________
resin-interest mailing list
resin-interest@caucho.com
http://maillist.caucho.com/mailman/listinfo/resin-interest

Reply via email to