What this is
The source code
How to Single Sign On with MVNForum. As we discussed in docs/DEVELOPER.txt, it is possible (and quite easy) to intergrate MVNForum authentication with a certain available user database. One of the popular user database (with Java Servlet container) is Servlet Realm. MVNForum provide a sample demo which allow users of MVNForum authenticated using Servlet Realm. The following steps guide you to run that system. 1. First, we have to config Tomcat for using Realm. For detail about this step, you can refer Tomcat site http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html, it will guide you through the steps to config Tomcat using Realm with the different user databases. 2. Config MVN Forum to allow to authencate using Informations from Realm. Replace the current web.xml with web.xml (in docs/demo/realm_authentication/srcweb/WEB-INF) Enable this feature: "enable_login_info_in_customization". Config an authenticator: enter value "com.mvnforum.auth.SampleRealmAuthenticator" into the option "authenticator_implementation" Note: Ensure the role names is defined in new web.xml file is one of Tomcat's roles Note: Due to limitation of option enable_login_info_in_realm, we does not recommend you to use this option. In stead, option enable_login_info_in_customization provide all the benefits. 3. Ready for new sample system, go to the link now http://localhost:8080/mvnforum/realm Enter Tomcat User/Password Click on "Enter MVNForum" 4 How to authenticate in this system? This is only a sample system, so it is not dificult to understand the operation if you have a look at file com.mvnforum.auth.SampleRealmAuthenticator.java. MVNForum get Remote User. If he existed -> OK, else Create a new account for him. If RemoteUser is null, the authentication is failed, the user is treated as a Guest of forum. 5. Example config realm code for web.xml <!-- Below is sample realm configuration to demo MVNForum Single Sign On --> <security-constraint> <display-name>Example Security Constraint <web-resource-collection> <web-resource-name>Protected Area <!-- Define the context-relative URL(s) to be protected --> <url-pattern>/realm/* <!-- If you list http methods, only those methods are protected --> <http-method>DELETE <http-method>GET <http-method>POST <http-method>PUT </web-resource-collection> <auth-constraint> <!-- Anyone with one of the listed roles may access this area --> <role-name>tomcat </auth-constraint> </security-constraint> <!-- Default login configuration uses form-based authentication --> <login-config> <auth-method>FORM <realm-name>Example Form-Based Authentication Area <form-login-config> <form-login-page>/realm/login.jsp <form-error-page>/realm/error.jsp </form-login-config> </login-config> <!-- Security roles referenced by this web application --> <security-role> <role-name>tomcat </security-role>
Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.
A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.