會員註冊 / 登入  |  電腦版  |  Jump to bottom of page

Integration Forum » SSO - Single Sign On

發表人: 20mithrandir
10 年 前
I got the SSO working on jforum 2.1.9 implementing net.jforum.sso.SSO. Now I tried jforum 2.3.1 and it seems like this handling isn't working anymore.

Here's what's going on in 'authenticateUser':


public String authenticateUser(RequestContext ctx) {
String user = null;
try {

String email = null;
// Get UserID
Long userId = SecurityTools.getInstance().getUserIdFromCookie();
if (userId != null) {
// Determine user data from somewhere
UserData userData = response.getData(0);
user = userData.getUsr();
email = userData.getEmail();
// TODO: Adapt class ControllerUtils to use more/custom
// attributes for user creation (see
// http://www.andowson.com/posts/list/227.page)

// The password is irrelevant as the user has already logged on
// (set it anyway in case JForum uses it)
ctx.getSessionContext().setAttribute("password", "");
ctx.getSessionContext().setAttribute("email", email);

}

if (LOG.isInfoEnabled()) {
LOG.info("SSO User: " + userId + ", " + user + ", " + email);
}
} catch (Exception ex) {
LOG.error("Problem in authenticateUser!", ex);
}
return user;
}


Please can someone explain what's missing or what's been changed between the versions?

發表人: rvanderwerf
10 年 前
We're using the SecureSSO module (sort of meant for Grails, but I think it'll work for any java project). You might try that one:

http://blog.smartkey.co.uk/2009/10/secure-sso-for-jforum/

I did find a bug that I had to fix, it would get a NPE if the SSO cookie was not set and the user went directly to the forums - the source is included so you can add a null check for that to fix it - other than that it works for us.

發表人: 20mithrandir
10 年 前
Sorry, the fault was on my side. It's working perfectly in the new version ... one of the configuration properties wasn't set correctly. So shame on me and thanks for listening...




會員註冊 / 登入  |  電腦版  |  Jump to top of page