Jetspeed 2
  1. Jetspeed 2
  2. JS2-1208

Support Form-based Authentication in SSO IFrame Portlet

    Details

    • Type: Improvement Improvement
    • Status: Resolved
    • Priority: Major Major
    • Resolution: Fixed
    • Affects Version/s: None
    • Fix Version/s: 2.2.2
    • Component/s: SSO
    • Labels:
      None

      Description

      The SSO IFrame portlet does not support Form-based Authentication. A generalized Form-based authentication solution would be useful for iframes as well as web content portlets (Jetspeed already supports SSO with the SSO Web Content portlet). The SSO IFrame portlet should make use of Jetspeed SSO configurations to retrieve username and passwords, as well as the standard preferences such as sso.type and sso preferences to build a form and post to it as described on Woonsan's email to the Jetspeed User List.

        Activity

        Hide
        Woonsan Ko added a comment -

        Fixed.

        You can test this feature like this example test scenario:

        (1) Log in by admin and visit SSO Management page (/security/sso-admin.psml)
        (2) Add an SSO Site. For example,

        By the way, when sso.type is form, form.get or form.post, the following prefs are just ignored:

        • sso.url.Principal, sso.url.Credential

        Also, the sso.form.Action url will be invoked just once per (portlet-level) portlet session.

        -Woonsan

        Show
        Woonsan Ko added a comment - Fixed. You can test this feature like this example test scenario: (1) Log in by admin and visit SSO Management page (/security/sso-admin.psml) (2) Add an SSO Site. For example, Site name: localhost_form Site URL: http://localhost:8080/j2-admin/examples/formauth-success.jsp Field name for User ID: user Field name for Password value: pass (3) Add sso credentials on the right pane for the site, "SSO Details - localhost_form" Portal Principal: admin Remote Principal: manager Remote Credential: manager (4) Log out and re-login. Visit the default page (/default-page.psml) or create a page and visit the created page for testing. (5) Add SSOIFramePortlet into the page. (6) Edit the portlet preferences by clicking edit icon. Edit the followings and save. SRC: http://localhost:8080/j2-admin/examples/formauth-success.jsp sso.type: form or form.post sso.form.Action: http://localhost:8080/j2-admin/examples/formauth.jsp sso.form.Principal: user sso.form.Credential: pass sso.form.Args: By the way, when sso.type is form, form.get or form.post, the following prefs are just ignored: sso.url.Principal, sso.url.Credential Also, the sso.form.Action url will be invoked just once per (portlet-level) portlet session. -Woonsan

          People

          • Assignee:
            Woonsan Ko
            Reporter:
            David Sean Taylor
          • Votes:
            0 Vote for this issue
            Watchers:
            0 Start watching this issue

            Dates

            • Created:
              Updated:
              Resolved:

              Development