You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@ofbiz.apache.org by robbyx <be...@sofrecom.com> on 2010/04/08 11:47:45 UTC
authentication with specialpurpose LDAP-CAS
Hi all,
I’ve got last version of OFbiz retrieved on trunk
http://svn.apache.org/repos/asf/ofbiz/trunk
I’ve activated specialpurpose ldap and correctly configured file ldap.xml
I’ve defined entries <!-- Security Mappings --> in file <ofbizroot>\
framework\common\webcommon\WEB-INF\common-controller.xml to use class
LdapLoginWorker.
Problem is that each time i move in application /webtools, i’m redirected to
CAS login page!!!
It seems that login information is lost after each http request.
Thanks for your help.
--
View this message in context: http://n4.nabble.com/authentication-with-specialpurpose-LDAP-CAS-tp1773791p1773791.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: authentication with specialpurpose LDAP-CAS
Posted by Shi Jinghai <sh...@langhua.cn>.
In develop environment, you can config CAS not using SSL, then you don't
have to change the code.
在 2010-04-09五的 07:34 -0800,robbyx写道:
>
> robbyx wrote:
> >
> > Hi all,
> >
> > I’ve got last version of OFbiz retrieved on trunk
> > http://svn.apache.org/repos/asf/ofbiz/trunk
> > I’ve activated specialpurpose ldap and correctly configured file ldap.xml
> > I’ve defined entries <!-- Security Mappings --> in file <ofbizroot>\
> > framework\common\webcommon\WEB-INF\common-controller.xml to use class
> > LdapLoginWorker.
> >
> > Problem is that each time i move in application /webtools, i’m redirected
> > to CAS login page!!!
> > It seems that login information is lost after each http request.
> >
> > Thanks for your help.
> >
> >
>
> Problem is identified :
> We used CAS with http and not https because /validate didn't work with a not
> valid SSL certificate (out of date)
> But CAS requires https with /login to read-write Ticket-Granting Cookie.
> To solve problem, we've modified parameter CasValidateUri to CasValidateUrl
> :
> <CasUrl>https://<server>:20043/cas</CasUrl>
> <CasValidateUrl>http://<server>:20000/cas/validate</CasValidateUrl>
> and class OFBizCasAuthenticationHandler.java
>
>
>
>
Re: authentication with specialpurpose LDAP-CAS
Posted by robbyx <be...@sofrecom.com>.
robbyx wrote:
>
> Hi all,
>
> I’ve got last version of OFbiz retrieved on trunk
> http://svn.apache.org/repos/asf/ofbiz/trunk
> I’ve activated specialpurpose ldap and correctly configured file ldap.xml
> I’ve defined entries <!-- Security Mappings --> in file <ofbizroot>\
> framework\common\webcommon\WEB-INF\common-controller.xml to use class
> LdapLoginWorker.
>
> Problem is that each time i move in application /webtools, i’m redirected
> to CAS login page!!!
> It seems that login information is lost after each http request.
>
> Thanks for your help.
>
>
Problem is identified :
We used CAS with http and not https because /validate didn't work with a not
valid SSL certificate (out of date)
But CAS requires https with /login to read-write Ticket-Granting Cookie.
To solve problem, we've modified parameter CasValidateUri to CasValidateUrl
:
<CasUrl>https://<server>:20043/cas</CasUrl>
<CasValidateUrl>http://<server>:20000/cas/validate</CasValidateUrl>
and class OFBizCasAuthenticationHandler.java
--
View this message in context: http://n4.nabble.com/authentication-with-specialpurpose-LDAP-CAS-tp1773791p1819510.html
Sent from the OFBiz - User mailing list archive at Nabble.com.
Re: authentication with specialpurpose LDAP-CAS
Posted by Shi Jinghai <sh...@langhua.cn>.
I'll check this next week. I'll upgrade the implement to authorization
as well.
Regards,
Shi Jinghai/Beijing Langhua Ltd.
在 2010-04-08四的 01:47 -0800,robbyx写道:
> Hi all,
>
> I’ve got last version of OFbiz retrieved on trunk
> http://svn.apache.org/repos/asf/ofbiz/trunk
> I’ve activated specialpurpose ldap and correctly configured file ldap.xml
> I’ve defined entries <!-- Security Mappings --> in file <ofbizroot>\
> framework\common\webcommon\WEB-INF\common-controller.xml to use class
> LdapLoginWorker.
>
> Problem is that each time i move in application /webtools, i’m redirected to
> CAS login page!!!
> It seems that login information is lost after each http request.
>
> Thanks for your help.
>