[
https://issues.apache.org/jira/browse/OFBIZ-10047?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
James Yong updated OFBIZ-10047:
-------------------------------
Attachment: OFBIZ-10047.patch
Uploaded Proof of Concept.
When security.login.tomcat.sso=true,
1) CatalinaContainer will load the Tomcat's SingleSignOn valve to support SSO;
2) User will be logged using request.login(userName, password) method. So required to pass HttpServletRequest attribute to the userLogin service;
3) No need to set security.login.externalLoginKey.enabled=true; and
4) Relies on the checkServletRequestRemoteUserLogin method to relogin when user accesses another unauthenticated web application.
> Tomcat SSO
> ----------
>
> Key: OFBIZ-10047
> URL:
https://issues.apache.org/jira/browse/OFBIZ-10047> Project: OFBiz
> Issue Type: Improvement
> Components: framework
> Affects Versions: Trunk
> Reporter: James Yong
> Assignee: James Yong
> Priority: Minor
> Attachments: OFBIZ-10047.patch
>
>
> Proposing Tomcat SSO to be used in OFBiz to improve on Single-Sign-On.
> This aim to fix the issues mentioned in OFBIZ-6963, OFBIZ-6994.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
Locked
