OFBiz › OFBiz - User

authentication with specialpurpose LDAP-CAS

_‹ Previous Topic Next Topic _›

Classic

List

Threaded

4 messages Options

robbyx

authentication with specialpurpose LDAP-CAS

Hi all,

I’ve got last version of OFbiz retrieved on trunk http://svn.apache.org/repos/asf/ofbiz/trunk
I’ve activated specialpurpose ldap and correctly configured file ldap.xml
I’ve defined entries in file <ofbizroot>\ framework\common\webcommon\WEB-INF\common-controller.xml to use class LdapLoginWorker.

Problem is that each time i move in application /webtools, i’m redirected to CAS login page!!!
It seems that login information is lost after each http request.

Thanks for your help.

Shi Jinghai

Re: authentication with specialpurpose LDAP-CAS

I'll check this next week. I'll upgrade the implement to authorization
as well.

Regards,

Shi Jinghai/Beijing Langhua Ltd.

在 2010-04-08四的 01:47 -0800，robbyx写道：

> Hi all,
>
> I’ve got last version of OFbiz retrieved on trunk
> http://svn.apache.org/repos/asf/ofbiz/trunk
> I’ve activated specialpurpose ldap and correctly configured file ldap.xml
> I’ve defined entries  in file <ofbizroot>\
> framework\common\webcommon\WEB-INF\common-controller.xml to use class
> LdapLoginWorker.
>
> Problem is that each time i move in application /webtools, i’m redirected to
> CAS login page!!!
> It seems that login information is lost after each http request.
>
> Thanks for your help.
>

robbyx

Re: authentication with specialpurpose LDAP-CAS

In reply to this post by robbyx

robbyx wrote

Hi all,

I’ve got last version of OFbiz retrieved on trunk http://svn.apache.org/repos/asf/ofbiz/trunk
I’ve activated specialpurpose ldap and correctly configured file ldap.xml
I’ve defined entries in file <ofbizroot>\ framework\common\webcommon\WEB-INF\common-controller.xml to use class LdapLoginWorker.

Problem is that each time i move in application /webtools, i’m redirected to CAS login page!!!
It seems that login information is lost after each http request.

Thanks for your help.

Problem is identified :
We used CAS with http and not https because /validate didn't work with a not valid SSL certificate (out of date)
But CAS requires https with /login to read-write Ticket-Granting Cookie.
To solve problem, we've modified parameter CasValidateUri to CasValidateUrl :
<CasUrl>https://<server>:20043/cas</CasUrl>
<CasValidateUrl>http://<server>:20000/cas/validate</CasValidateUrl>
and class OFBizCasAuthenticationHandler.java

Shi Jinghai

Re: authentication with specialpurpose LDAP-CAS

In develop environment, you can config CAS not using SSL, then you don't
have to change the code.

在 2010-04-09五的 07:34 -0800，robbyx写道：

>
> robbyx wrote:
> >
> > Hi all,
> >
> > I’ve got last version of OFbiz retrieved on trunk
> > http://svn.apache.org/repos/asf/ofbiz/trunk
> > I’ve activated specialpurpose ldap and correctly configured file ldap.xml
> > I’ve defined entries  in file <ofbizroot>\
> > framework\common\webcommon\WEB-INF\common-controller.xml to use class
> > LdapLoginWorker.
> >
> > Problem is that each time i move in application /webtools, i’m redirected
> > to CAS login page!!!
> > It seems that login information is lost after each http request.
> >
> > Thanks for your help.
> >
> >
>
> Problem is identified :
> We used CAS with http and not https because /validate didn't work with a not
> valid SSL certificate (out of date)
> But CAS requires https with /login to read-write Ticket-Granting Cookie.
> To solve problem, we've modified parameter CasValidateUri to CasValidateUrl
> :
> <CasUrl>https://<server>:20043/cas</CasUrl>
> <CasValidateUrl>http://<server>:20000/cas/validate</CasValidateUrl>
> and class OFBizCasAuthenticationHandler.java
>
>
>
>