You are viewing a plain text version of this content. The canonical link for it is here.

Posted to dev@ofbiz.apache.org by James Yong <ja...@apache.org> on 2017/12/10 15:42:32 UTC

Re: Tomcat SSO

Hi Taher, all,

Sorry for the late reply.
I have created a JIRA issue for further discussion and also uploaded a proof-of-concept.
Please see https://issues.apache.org/jira/projects/OFBIZ/issues/OFBIZ-10047

Regards,
James Yong

On 2017-11-07 03:42, Taher Alkhateeb <sl...@gmail.com> wrote: 
> Perhaps sharing exactly how you'd like to implement this would help.
> 
> On Sun, Nov 5, 2017 at 7:12 PM, James Yong <ja...@apache.org> wrote:
> > Hi all,
> >
> > I would like to revisit this issue. Specifically on whether implementing Tomcat SSO to avoid using externalLoginKey is a sound approach. Thanks.
> >
> > Regards,
> > James Yong
> >
> > On 2017-05-05 18:02, Taher Alkhateeb <sl...@gmail.com> wrote:
> >> I've been contemplating this for a while, but it is not an easy task.
> >> Essentially, we need to fully refactor the Catalina Container and do a lot
> >> of cleanup to reverse the way OFBiz is deployed to be a single web
> >> application, not multiple web applications mapped to a single servlet
> >> container as is the architecture at the moment.
> >>
> >> For this to happen, we need to do many things:
> >> 1- Complete the refactoring of all containers to get the new signature of
> >> OfbizCommand argument list
> >> 2- Redesign the container so that everything is loaded once as a single
> >> webapp through one master servlet. This would have the advantage of being
> >> able to deploy OFBiz as a single WAR archive to be deployed in any servlet
> >> container
> >> 3- Redesign all components (if needed) to comply with this new architecture
> >>
> >> This is one of the things I've been dabbling with lately, but it's bigger
> >> than I expected. The code in the catalina container is very spaghetti like
> >> at the moment.
> >>
> >> So, I would say it's a good idea, but needs lots of cleanup / refactoring
> >> work first if you want to have a good chance of succeeding in
> >> implementation. Without a proper cleanup you might get a bit overwhelmed in
> >> trying to navigate the code maze :) So good luck.
> >>
> >> On Fri, May 5, 2017 at 12:12 PM, James Yong <ja...@apache.org> wrote:
> >>
> >> > Hi all,
> >> >
> >> > I would like to propose using the Single Sign On mechanism in Tomcat.
> >> > Once implemented, there is no necessity for the externalLoginKey,
> >> > or to indicate "intra-app" to target-type attribute.
> >> >
> >> > Any issue before i start working on a POC?
> >> >
> >> > Regards,
> >> > James Yong
> >> >
> >>
>

Re: Tomcat SSO

Posted by James Yong <ja...@apache.org>.

Hi all,

I have uploaded a patch to support SSO when OFBiz is clustered.
Please see https://issues.apache.org/jira/browse/OFBIZ-10123 for patch and further discussion.

Regards,
James Yong

On 2017/12/10 15:42:32, "James Yong"<ja...@apache.org> wrote: 
> Hi Taher, all,
> 
> Sorry for the late reply.
> I have created a JIRA issue for further discussion and also uploaded a proof-of-concept.
> Please see https://issues.apache.org/jira/projects/OFBIZ/issues/OFBIZ-10047
> 
> Regards,
> James Yong
> 
> On 2017-11-07 03:42, Taher Alkhateeb <sl...@gmail.com> wrote: 
> > Perhaps sharing exactly how you'd like to implement this would help.
> > 
> > On Sun, Nov 5, 2017 at 7:12 PM, James Yong <ja...@apache.org> wrote:
> > > Hi all,
> > >
> > > I would like to revisit this issue. Specifically on whether implementing Tomcat SSO to avoid using externalLoginKey is a sound approach. Thanks.
> > >
> > > Regards,
> > > James Yong
> > >
> > > On 2017-05-05 18:02, Taher Alkhateeb <sl...@gmail.com> wrote:
> > >> I've been contemplating this for a while, but it is not an easy task.
> > >> Essentially, we need to fully refactor the Catalina Container and do a lot
> > >> of cleanup to reverse the way OFBiz is deployed to be a single web
> > >> application, not multiple web applications mapped to a single servlet
> > >> container as is the architecture at the moment.
> > >>
> > >> For this to happen, we need to do many things:
> > >> 1- Complete the refactoring of all containers to get the new signature of
> > >> OfbizCommand argument list
> > >> 2- Redesign the container so that everything is loaded once as a single
> > >> webapp through one master servlet. This would have the advantage of being
> > >> able to deploy OFBiz as a single WAR archive to be deployed in any servlet
> > >> container
> > >> 3- Redesign all components (if needed) to comply with this new architecture
> > >>
> > >> This is one of the things I've been dabbling with lately, but it's bigger
> > >> than I expected. The code in the catalina container is very spaghetti like
> > >> at the moment.
> > >>
> > >> So, I would say it's a good idea, but needs lots of cleanup / refactoring
> > >> work first if you want to have a good chance of succeeding in
> > >> implementation. Without a proper cleanup you might get a bit overwhelmed in
> > >> trying to navigate the code maze :) So good luck.
> > >>
> > >> On Fri, May 5, 2017 at 12:12 PM, James Yong <ja...@apache.org> wrote:
> > >>
> > >> > Hi all,
> > >> >
> > >> > I would like to propose using the Single Sign On mechanism in Tomcat.
> > >> > Once implemented, there is no necessity for the externalLoginKey,
> > >> > or to indicate "intra-app" to target-type attribute.
> > >> >
> > >> > Any issue before i start working on a POC?
> > >> >
> > >> > Regards,
> > >> > James Yong
> > >> >
> > >>
> > 
>