會員註冊 / 登入  |  電腦版  |  Jump to bottom of page

User Forum » How to use net.jforum.sso.CookieUserSSO

發表人: James Bucanek
5 年 前
I've got my Jforum2 site set up and running. Now I'd like to set up a SSO with my main site.

I've been poking around the documentation and the net.jforum.sso.* source, and it looks like I might be able to use the cookie sign-in scheme. But before I dive into hacking up my web site, I wanted to make sure I have a reasonable understanding of how it's supposed to work.

I gather that the net.jforum.sso.CookieUserSSO class simply looks for cookie (JforumSSO by default) that contains the user name of the currently logged in user. If it does, that user is either automagically logged in or gets spontaneously created.

My two sites are at www.mydomain.com and jforum.mydomain.com.

Therefore, and if I'm reading RFC 6265 correctly, I *should* be able to have the login page on the www.mydomain.com set a cookie (Set-Cookie: JforumSSO=johndoe@gmail.com; domain=mydomain.com) when the user logs in, and the jforum.mydomain.com request should include that cookie, allowing net.jforum.sso.CookieUserSSO to work its magic.

If that's correct, I'm ready to get started. If that's not correct, could someone explain this to me (as if I were a child). smilie Thanks!

發表人: udittmer
5 年 前
I've never looked into JForum's SSO capabilities, and unfortunately the old JForum documentation is not online (I'm working on that). But for starters, check out the following pages, which admittedly are hard to read, as they are the source code for wiki pages, but should be decipherable as is.

https://github.com/rafaelsteil/jforum2/blob/master/www/website/SSO.txt

https://github.com/rafaelsteil/jforum2/blob/master/www/website/SSOCookies.txt

https://github.com/rafaelsteil/jforum2/blob/master/www/website/SSORemote.txt

Other parts of the documentation are also available in that form at https://github.com/rafaelsteil/jforum2/tree/master/www/website




會員註冊 / 登入  |  電腦版  |  Jump to top of page