[Logo] JForum - Powering Communities
  [Search] 搜尋   [Recent Topics] 最新主題   [Hottest Topics] 熱門主題   [Top Downloads] 熱門下載   [Groups] 回首頁 
[Register] 會員註冊 /  [Login] 登入 


JForum 2.8.3 is out with various fixes and improvements. Read all about it here

JForum Integration Single Signon RSS feed
討論區首頁 » Integration Forum
發表人 內容
vTest


註冊時間: 2013/1/16
文章: 14
離線
I need some helps on JForum integration SSO. I am aware this discussion http://www.coderanch.com/t/574564/jforum/Single-Signon-automatic-login. The information is out updated and doesn't match the current code base. The following is the integration logic. Please correct me if it is not right.

  • 1. After a user signs in the application, encrypt this user’s unique identifier and save this encrypted value in a cookie.

  • 2. This cookie can be used to authenticate the user in JForum. A filter/interceptor will be created to verify the authorization for any JForum URLS with a pattern of “/forum/*”

  • 3. When a user navigates to a JForum page, the cookie value will be used to verify user’s credential against the JForum database. The cookie value will be decrypted for usage, of course.

  • 4. If it is the first time for the user using JForum (that is the user account data doesn’t exist in JForum DB), a web service call will be issued to retrieve this user’s profile data, namely screen name, email, and encrypted password, from our app. And those user data will be stored in the jforum_users table of the JForum database.

  • 5. When the user log off her/his account or a session timeout, the cookie will be removed.



  • Please advise how the integration need to take place.

    Thanks for your helps in advance.
    andowson


    註冊時間: 2011/6/30
    文章: 252
    離線
    Hi, check this post first if it help.
    http://jforum.andowson.com/posts/list/35.page
    vTest


    註冊時間: 2013/1/16
    文章: 14
    離線
    Thanks very much for the lead.

    I notice an 'Anonymous' user can post a message in a use scenario, but not in other ones. The authentication seems to be inconsistent. How to enforce only a signin user can post a message for all cases, otherwise it is read only?
    andowson


    註冊時間: 2011/6/30
    文章: 252
    離線
    If you want to deny anonymous post in JForum, just go to Admin Control Panel > Group Managment > General > Permission
    Choose all boards in the deny anonymous post section.
    • [Thumb - deny_anonymous_post_in_JForum.png]
     檔案名稱 deny_anonymous_post_in_JForum.png [Disk] 下載
     描述 Deny anonymous post in JForum
     檔案大小 6 Kbytes
     下載次數:  62671 次

    vTest


    註冊時間: 2013/1/16
    文章: 14
    離線
    andowson wrote:If you want to deny anonymous post in JForum, just go to Admin Control Panel > Group Managment > General > Permission
    Choose all boards in the deny anonymous post section.


    Thanks very much.

    After work, I recognize that it likely is a configuration thing, but not a code problem.

    vTest


    註冊時間: 2013/1/16
    文章: 14
    離線
    I can't figure out why I get the following error in the sso.redirect configuration.

    java.net.URISyntaxException: Illegal character in authority at index 7: http://www.mycompany.com


    I don't see any bad characters there.
     
    討論區首頁 » Integration Forum
    前往:   
    行動版
    Powered by JForum 2.8.3 © 2023 JForum Team • Maintained by Andowson Chang and Ulf Dittmer