I am trying to implement SSO using JForum. In my case, Users are already logged into a specific domain.(Windows) And then, when they try to access JForum, they should be automatically logged in with the domain user ID.
I have changed the SystemGlobals.properties file : authentication.type = sso
But in the RemoteUserSSO.java, the function request.getRemoteUser() returns null.
Based on some previous post, I could see that this function will return some value if the authenticated user is available in the request object. There are few pointers to change certain settings for this in Tomcat. But I am using Sun Java System Application Server 8.1 to deploy Jforum web app.
Please let me know if there are any settings to be done in Sun App server so that the authenticated windows logged in user id is returned in the request.
PLEASE HELP... [originally posted on jforum.net by Sanjana]
request.getRemoteUser() will return null if there is no "upstream" security agent. E.g., Apache front ending with an .htaccess rule or a J2EE security constraint in the web.xml file.
The Sun application server will support the J2EE security constraints in the web.xml (see Specs for details). It MAY support doing such constraints across web-apps, but this is not part of the spec. You'll have to check your app server docs. [originally posted on jforum.net by monroe]
You showed up just in time for the waffles! And this tiny ad:
Building a Better World in your Backyard by Paul Wheaton and Shawn Klassen-Koop