alvinalexander.com | career | drupal | java | mac | mysql | perl | scala | uml | unix  

What this is

This file is included in the DevDaily.com "Java Source Code Warehouse" project. The intent of this project is to help you "Learn Java by Example" TM.

Other links

The source code

How to Single Sign On with MVNForum.

As we discussed in docs/DEVELOPER.txt, it is possible (and quite easy) to intergrate 
MVNForum authentication with a certain available user database. One of the popular
user database (with Java Servlet container) is Servlet Realm. MVNForum provide 
a sample demo which allow users of MVNForum authenticated using Servlet Realm. 
The following steps guide you to run that system.

1. First, we have to config Tomcat for using Realm. For detail about this step, 
   you can refer Tomcat site http://jakarta.apache.org/tomcat/tomcat-4.0-doc/realm-howto.html, 
   it will guide you through the steps to config Tomcat using Realm with the different user databases.

2. Config MVN Forum to allow to authencate using Informations from Realm.

   Replace the current web.xml with  web.xml (in docs/demo/realm_authentication/srcweb/WEB-INF)
   Enable this feature: "enable_login_info_in_customization".
   Config an authenticator: enter value "com.mvnforum.auth.SampleRealmAuthenticator"
   into the option "authenticator_implementation"

   Note: Ensure the role names is defined in new web.xml file is one of Tomcat's roles

   Note: Due to limitation of option enable_login_info_in_realm, we does not recommend
   you to use this option. In stead, option enable_login_info_in_customization
   provide all the benefits. 

3. Ready for new sample system, go to the link now
   http://localhost:8080/mvnforum/realm
   Enter Tomcat User/Password
   Click on "Enter MVNForum"

4 How to authenticate in this system?
  This is only a sample system, so it is not dificult to understand the operation
  if you have a look at file com.mvnforum.auth.SampleRealmAuthenticator.java. 
  MVNForum get Remote User. If he existed -> OK, else Create a new account for him. 
  If RemoteUser is null, the authentication is failed,
  the user is treated as a Guest of forum.

5. Example config realm code for web.xml
  <!-- Below is sample realm configuration to demo MVNForum Single Sign On -->
  <security-constraint>
    <display-name>Example Security Constraint
    <web-resource-collection>
      <web-resource-name>Protected Area
      <!-- Define the context-relative URL(s) to be protected -->
      <url-pattern>/realm/*
      <!-- If you list http methods, only those methods are protected -->
      <http-method>DELETE
      <http-method>GET
      <http-method>POST
      <http-method>PUT
    </web-resource-collection>
    <auth-constraint>
      <!-- Anyone with one of the listed roles may access this area -->
      <role-name>tomcat
    </auth-constraint>
  </security-constraint>

  <!-- Default login configuration uses form-based authentication -->
  <login-config>
    <auth-method>FORM
    <realm-name>Example Form-Based Authentication Area
    <form-login-config>
      <form-login-page>/realm/login.jsp
      <form-error-page>/realm/error.jsp
    </form-login-config>
  </login-config>

  <!-- Security roles referenced by this web application -->
  <security-role>
    <role-name>tomcat
  </security-role>





... this post is sponsored by my books ...

#1 New Release!

FP Best Seller

 

new blog posts

 

Copyright 1998-2021 Alvin Alexander, alvinalexander.com
All Rights Reserved.

A percentage of advertising revenue from
pages under the /java/jwarehouse URI on this website is
paid back to open source projects.