• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Ron McLeod
  • Paul Clapham
  • Tim Cooke
  • Devaka Cooray
Sheriffs:
  • Liutauras Vilda
  • paul wheaton
  • Rob Spoor
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • Piet Souris
  • Mikalai Zaikin
Bartenders:
  • Carey Brown
  • Roland Mueller

SSO IMPLEMENTATION

 
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
hi,

i am trying to make sso for my site,i have configured what jforum tells.and i have used CookieUserSSo class.

when i logged in (site login) and entered into jforum .but didnt display user list , it didnt create create user on the fly ,

please guide me to set sso for my site .

The documentation says that if the username returned from authenticateUser() does not have an associated userid, then one is created on the fly. Does this mean that the username is added to the jforum_users table, permanently?


ashok

[originally posted on jforum.net by askr03]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I can help u.
Here the CookieUSERSSO i used :
package net.jforum.sso;

import javax.servlet.http.Cookie;
import net.jforum.context.RequestContext;
import net.jforum.JForumExecutionContext;
import net.jforum.ControllerUtils;
import net.jforum.entities.UserSession;
import net.jforum.util.preferences.ConfigKeys;
import net.jforum.util.preferences.SystemGlobals;
import org.apache.log4j.Logger;
//JForumExecutionContext.getRequest()
//JForumExecutionContext.getRequest().getSession()
public class CookieUserSSO implements SSO {

static final Logger logger = Logger.getLogger(CookieUserSSO.class.getName());

public String authenticateUser(RequestContext request) {
// myapp login cookie, contain logged username
Cookie myCookie = ControllerUtils.getCookie("JForumSSO");
String username = null;

if (myCookie != null) {
username = myCookie.getValue();
}


return username; // jforum username
}

public boolean isSessionValid(UserSession userSession, RequestContext request) {
Cookie SSOCookie = ControllerUtils.getCookie( SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER ));
// myapp login cookie
String remoteUser = null;

if (SSOCookie != null) {
remoteUser = SSOCookie.getValue(); // jforum username
}

// user has since logged out
if(remoteUser == null && userSession.getUserId() != SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has since logged in
} else if(remoteUser != null && userSession.getUserId() == SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has changed user
} else if(remoteUser != null && !remoteUser.equals(userSession.getUsername())) {
return false;
}

return true; // myapp user and forum user the same
}
}

compile that java file and put it into net/jforum/sso folder.


then u should make sso enable on SystemGlobals.properties file :
make some changes on ;
find : "authentication.type" and convert to ;
authentication.type = sso

sso.implementation = net.jforum.sso.CookieUserSSO

When you want to create user just use :
simple login :
login.jsp ;
<% <br /> Cookie cookie = new Cookie("JForumSSO","TestUser"); <br /> cookie.setMaxAge( -1 ); <br /> cookie.setPath( "/" ); <br /> response.addCookie( cookie ); <br /> out.flush(); <br /> response.sendRedirect("http://www.mywebsite.com/jforum"); <br /> return; <br /> %>

when u enter login.jsp ; TestUser will be created on forum
if this user is not created already.
But if TestUser is already created and user entered login.jsp ;
so user will just login.
U may ask when user get created whats default password and user information given ;

look at SystemGlobals.properties ;
sso.default.email = sso@user
sso.default.password = sso

Well , if u want to set them manually , u should use DAO or Temporary DB for user...
Also this login type is so vulnerable not secure.
Everybody can hack u easy.
I'll make some modifications and give u too when i done all.
Take care...
[originally posted on jforum.net by kadirbasol]
 
Migrated From Jforum.net
Ranch Hand
Posts: 17424
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i have configured before i saw u answer ,

thank u very much for ur reply ,i need ur help to enter as admin login , i am using hsqldb



[originally posted on jforum.net by askr03]
 
The two armies met. But instead of battle, they decided to eat some pie and contemplate this tiny ad:
We need your help - Coderanch server fundraiser
https://coderanch.com/wiki/782867/Coderanch-server-fundraiser
reply
    Bookmark Topic Watch Topic
  • New Topic