You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@archiva.apache.org by "Lustig, Marc (Allianz Deutschland, externer Mitarbeiter)" <EX...@allianz.de> on 2008/06/24 14:18:13 UTC
SSO Archiva / Continuum
hi,
since Archiva and Continuum are highly complimentary it would be helpful for many users to have a single login for both apps. I have heard this request a number of times!
Already both apps ground on the same authentication and authoriation system (redback) and the db schemas are also the same.
Would it be possible to use a single db-instance for both apps?
I suppose it won't work because the security-roles are different for each system.
So, my idea is to leave the authorization each in the dedicated tables, while having the authentication at a central place/table.
Can one of the Redback-developers please explain if it would be sufficient to have a single table JDOUSER, and the rest of the tables to have one for each app. I think the easiest way would be to use the same db-instance, and simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
I think anyway some better integration of Continuum and Archiva would be highly welcome.
M.
Re: SSO Archiva / Continuum
Posted by Andrew Williams <an...@handyande.co.uk>.
I had a project that integrated the two and used a single
authentication source - see maven-enterprise in the maven sandbox.
Sure it is well out of date now, but it might show you how to set it up.
Hope it helps,
Andy
On 24 Jun 2008, at 13:18, Lustig, Marc (Allianz Deutschland, externer
Mitarbeiter) wrote:
> hi,
> since Archiva and Continuum are highly complimentary it would be
> helpful for many users to have a single login for both apps. I have
> heard this request a number of times!
> Already both apps ground on the same authentication and authoriation
> system (redback) and the db schemas are also the same.
> Would it be possible to use a single db-instance for both apps?
> I suppose it won't work because the security-roles are different for
> each system.
> So, my idea is to leave the authorization each in the dedicated
> tables, while having the authentication at a central place/table.
>
> Can one of the Redback-developers please explain if it would be
> sufficient to have a single table JDOUSER, and the rest of the
> tables to have one for each app. I think the easiest way would be to
> use the same db-instance, and simply prefix the table-sets:
> CONT_SECURITY_.... ARCH_SECURITY_....
>
> I think anyway some better integration of Continuum and Archiva
> would be highly welcome.
>
> M.
Re: SSO Archiva / Continuum
Posted by Olivier Dehon <od...@gmail.com>.
Actually, if you configure archiva to use the same "users" database as
continuum, it just works, since roles do not collide between the 2 apps
(AFAIU).
I did this using a MySQL DB on Ubuntu 8.04 without any issues.
-Olivier
On Tue, 2008-06-24 at 14:18 +0200, Lustig, Marc (Allianz Deutschland,
externer Mitarbeiter) wrote:
> hi,
> since Archiva and Continuum are highly complimentary it would be helpful for many users to have a single login for both apps. I have heard this request a number of times!
> Already both apps ground on the same authentication and authoriation system (redback) and the db schemas are also the same.
> Would it be possible to use a single db-instance for both apps?
> I suppose it won't work because the security-roles are different for each system.
> So, my idea is to leave the authorization each in the dedicated tables, while having the authentication at a central place/table.
>
> Can one of the Redback-developers please explain if it would be sufficient to have a single table JDOUSER, and the rest of the tables to have one for each app. I think the easiest way would be to use the same db-instance, and simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
>
> I think anyway some better integration of Continuum and Archiva would be highly welcome.
>
> M.
Re: SSO Archiva / Continuum
Posted by Brett Porter <br...@apache.org>.
You will have to log in repeatedly because the cookie is not stored on
a shared domain and path.
On 25/06/2008, at 12:02 AM, Wendy Smoak wrote:
> ... and does it work if Continuum and Archiva are sharing the same
> user database, but running on different hosts? We have several
> Continuum instances on different hosts, plus one for Archiva, and I
> seem to have to log in repeatedly.
>
> Thanks,
> --
> Wendy
>
> On Tue, Jun 24, 2008 at 7:31 AM, Emmanuel Venisse
> <em...@gmail.com> wrote:
>
>> I don't remember how to configure the shared path for cookies.
>> Brett, do you
>> know? If you don't set it, you'll need to authenticate on both
>> instead of
>> only one login.
--
Brett Porter
brett@apache.org
http://blogs.exist.com/bporter/
Re: SSO Archiva / Continuum
Posted by Emmanuel Venisse <em...@gmail.com>.
I don't know, never tested :)
On Tue, Jun 24, 2008 at 6:02 PM, Wendy Smoak <ws...@gmail.com> wrote:
> ... and does it work if Continuum and Archiva are sharing the same
> user database, but running on different hosts? We have several
> Continuum instances on different hosts, plus one for Archiva, and I
> seem to have to log in repeatedly.
>
> Thanks,
> --
> Wendy
>
> On Tue, Jun 24, 2008 at 7:31 AM, Emmanuel Venisse
> <em...@gmail.com> wrote:
>
> > I don't remember how to configure the shared path for cookies. Brett, do
> you
> > know? If you don't set it, you'll need to authenticate on both instead of
> > only one login.
>
Re: SSO Archiva / Continuum
Posted by Wendy Smoak <ws...@gmail.com>.
... and does it work if Continuum and Archiva are sharing the same
user database, but running on different hosts? We have several
Continuum instances on different hosts, plus one for Archiva, and I
seem to have to log in repeatedly.
Thanks,
--
Wendy
On Tue, Jun 24, 2008 at 7:31 AM, Emmanuel Venisse
<em...@gmail.com> wrote:
> I don't remember how to configure the shared path for cookies. Brett, do you
> know? If you don't set it, you'll need to authenticate on both instead of
> only one login.
Re: SSO Archiva / Continuum
Posted by Emmanuel Venisse <em...@gmail.com>.
for the users db, you hust need to use the same jdbc url for archiva et
Continuum users databases in datasources.
I don't remember how to configure the shared path for cookies. Brett, do you
know? If you don't set it, you'll need to authenticate on both instead of
only one login.
Emmanuel
On Tue, Jun 24, 2008 at 4:13 PM, Lustig, Marc (Allianz Deutschland, externer
Mitarbeiter) <EX...@allianz.de> wrote:
> that's interesting. is it documented somewhere?
>
>
> -----Ursprüngliche Nachricht-----
> Von: Emmanuel Venisse [mailto:emmanuel.venisse@gmail.com]
> Gesendet: Dienstag, 24. Juni 2008 14:49
> An: dev@archiva.apache.org
> Betreff: Re: SSO Archiva / Continuum
>
> Archiva and Continuum can already work with the same db, it is what lot of
> users already use in production.
>
> Emmanuel
>
> On Tue, Jun 24, 2008 at 2:18 PM, Lustig, Marc (Allianz Deutschland,
> externer
> Mitarbeiter) <EX...@allianz.de> wrote:
>
> > hi,
> > since Archiva and Continuum are highly complimentary it would be helpful
> > for many users to have a single login for both apps. I have heard this
> > request a number of times!
> > Already both apps ground on the same authentication and authoriation
> system
> > (redback) and the db schemas are also the same.
> > Would it be possible to use a single db-instance for both apps?
> > I suppose it won't work because the security-roles are different for each
> > system.
> > So, my idea is to leave the authorization each in the dedicated tables,
> > while having the authentication at a central place/table.
> >
> > Can one of the Redback-developers please explain if it would be
> sufficient
> > to have a single table JDOUSER, and the rest of the tables to have one
> for
> > each app. I think the easiest way would be to use the same db-instance,
> and
> > simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
> >
> > I think anyway some better integration of Continuum and Archiva would be
> > highly welcome.
> >
> > M.
> >
>
AW: SSO Archiva / Continuum
Posted by "Lustig, Marc (Allianz Deutschland, externer Mitarbeiter)" <EX...@allianz.de>.
that's interesting. is it documented somewhere?
-----Ursprüngliche Nachricht-----
Von: Emmanuel Venisse [mailto:emmanuel.venisse@gmail.com]
Gesendet: Dienstag, 24. Juni 2008 14:49
An: dev@archiva.apache.org
Betreff: Re: SSO Archiva / Continuum
Archiva and Continuum can already work with the same db, it is what lot of
users already use in production.
Emmanuel
On Tue, Jun 24, 2008 at 2:18 PM, Lustig, Marc (Allianz Deutschland, externer
Mitarbeiter) <EX...@allianz.de> wrote:
> hi,
> since Archiva and Continuum are highly complimentary it would be helpful
> for many users to have a single login for both apps. I have heard this
> request a number of times!
> Already both apps ground on the same authentication and authoriation system
> (redback) and the db schemas are also the same.
> Would it be possible to use a single db-instance for both apps?
> I suppose it won't work because the security-roles are different for each
> system.
> So, my idea is to leave the authorization each in the dedicated tables,
> while having the authentication at a central place/table.
>
> Can one of the Redback-developers please explain if it would be sufficient
> to have a single table JDOUSER, and the rest of the tables to have one for
> each app. I think the easiest way would be to use the same db-instance, and
> simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
>
> I think anyway some better integration of Continuum and Archiva would be
> highly welcome.
>
> M.
>
Re: SSO Archiva / Continuum
Posted by Brett Porter <br...@apache.org>.
You can also set redback to use a shared path for it's cookies to have
those work together.
- Brett
On 24/06/2008, at 8:48 PM, Emmanuel Venisse wrote:
> Archiva and Continuum can already work with the same db, it is what
> lot of
> users already use in production.
>
> Emmanuel
>
> On Tue, Jun 24, 2008 at 2:18 PM, Lustig, Marc (Allianz Deutschland,
> externer
> Mitarbeiter) <EX...@allianz.de> wrote:
>
>> hi,
>> since Archiva and Continuum are highly complimentary it would be
>> helpful
>> for many users to have a single login for both apps. I have heard
>> this
>> request a number of times!
>> Already both apps ground on the same authentication and
>> authoriation system
>> (redback) and the db schemas are also the same.
>> Would it be possible to use a single db-instance for both apps?
>> I suppose it won't work because the security-roles are different
>> for each
>> system.
>> So, my idea is to leave the authorization each in the dedicated
>> tables,
>> while having the authentication at a central place/table.
>>
>> Can one of the Redback-developers please explain if it would be
>> sufficient
>> to have a single table JDOUSER, and the rest of the tables to have
>> one for
>> each app. I think the easiest way would be to use the same db-
>> instance, and
>> simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
>>
>> I think anyway some better integration of Continuum and Archiva
>> would be
>> highly welcome.
>>
>> M.
>>
--
Brett Porter
brett@apache.org
http://blogs.exist.com/bporter/
Re: SSO Archiva / Continuum
Posted by Emmanuel Venisse <em...@gmail.com>.
Archiva and Continuum can already work with the same db, it is what lot of
users already use in production.
Emmanuel
On Tue, Jun 24, 2008 at 2:18 PM, Lustig, Marc (Allianz Deutschland, externer
Mitarbeiter) <EX...@allianz.de> wrote:
> hi,
> since Archiva and Continuum are highly complimentary it would be helpful
> for many users to have a single login for both apps. I have heard this
> request a number of times!
> Already both apps ground on the same authentication and authoriation system
> (redback) and the db schemas are also the same.
> Would it be possible to use a single db-instance for both apps?
> I suppose it won't work because the security-roles are different for each
> system.
> So, my idea is to leave the authorization each in the dedicated tables,
> while having the authentication at a central place/table.
>
> Can one of the Redback-developers please explain if it would be sufficient
> to have a single table JDOUSER, and the rest of the tables to have one for
> each app. I think the easiest way would be to use the same db-instance, and
> simply prefix the table-sets: CONT_SECURITY_.... ARCH_SECURITY_....
>
> I think anyway some better integration of Continuum and Archiva would be
> highly welcome.
>
> M.
>