Jforum can be easily integrated with existing Web applications through simple configuration to form a single point of login. Currently, jforum supports the following SSO solutions:
- Use cookies
- Request. getremoteuser () Verification
The above can be achieved by configuring the systemglobals. properties file.
Of course, you can also write an SSO Class Based on your actual situation to achieve single-point logon.
After SSO is used, functions such as jforum logout, logon, and password change will be automatically hidden.
How does Single Sign-on work?
The SSO interface provided by jforum provides two methods: authenticateuser () and issessionvalid.
During user access, jforum calls the authenticateuser () method. This method returns the username or null
If the user name is returned, jforum checks whether the user exists in the User table. If the user name does not exist, the user is automatically added and logged on. if null is returned, the user will log on to the Forum anonymously. if an anonymous user accesses a forum without permission, jforum redirects to the logon page.
SSO related items in systemglobals. Properties
- SSO authentication. type authentication type configured for the systemglobals. properties entry. Default Or SSO, default
- SSO. Implementation implements the SSO class name, which can be cookieusersso, remoteusersso, or others. The default value is net. jforum. SSO. cookieusersso.
- Session attribute name of the user password automatically registered for SSO. Password. attribute, used to update the jforum user password. The default value is password.
- The session attribute name of the user email automatically registered for SSO. Email. The user updates the jforum user email. The default value is email.
- SSO. Redirect. Parameter redirection parameter, which contains the URL-encoded jforum path. The default value is jforum_redirect.
- SSO. Redirect. Message redirection, default value: Please login to use the forum
- Default email address when no email is found in SSO. Default. Email session attribute, default sso@user.com
- SSO. Default. Password is the same as SSO. Redirect to the address on your logon page. The default value is http: mysite.com/login.jsp.
- Cookie. Name. Data contains the cookie name of the jfroum user name. The default value is jforumsso.
- SSO. Cookie. Path: The Cookie Path. If it is not specified in the root path, the default value is/
Cookie implementation
1. Use existing cookies
Prerequisites: You have set cookie for the user name in your application to ensure that the attributes of sytemglobals. properties about SSO are in the initial state. Modify the following attributes:
authentication.type=ssosso.implementation=net.jforum.sso.CookieUserSSOsso.redirect=http://mysite.blah/login.jsp # changesso.cookie.name=myAutoLogin |
# The cookie name corresponding to the user name will be redirected to the login page when the user accesses Resources in the Forum anonymously. Request. getparameter ("error") to obtain SSO. redirect. error.
Check the value of the Redirect parameter in the login action of your application to direct the logged-on user to the page before logon.
String redirect = request.getParameter("jforum_redirect");if (redirect != null) login_message = request.getParameter("error");if (redirect != null && redirect.trim().length() > 0)response.sendRedirect(redirect); |
2. Use the default SSO cookie
If your application does not set a cookie with a user name, use this method to ensure that the attributes of sytemglobals. properties about SSO are in the initial state. Modify the following attributes:
authentication.type=ssosso.implementation=net.jforum.sso.CookieUserSSOsso.redirect=http:/mysite.blah/login.jsp |
# Change the login address of your application to check the value of the Redirect parameter in the login action of your application to direct the logged-on user to the previous page.
String redirect = request.getParameter("jforum_redirect");if (redirect != null) login_message = request.getParameter("error"); |
Add the cookie setting code in the login operation of your application.
Cookie = new cookie ("jforumsso", user. getUserName (); cookie. setmaxage (-1) //-1 is never expired, or the specified expiration time is response. addcookie; Delete the cookie in the logout operation. |
Cookie = new cookie ("jforumsso", ""); cookie. setmaxage (0) // Delete cookie. response. addcookie (cookie ); |
Implementation of request. getremoteuser ()
Step 1: Specify authentication. type as SSO
authentication.type = sso |
Step 2: Specify the class for processing SSO. The default value is remoteusersso. This class returns the request. getremoteuser () value. If you write a class to process SSO, write your class path here (this class must implement net. jforum. SSO. SSO Interface)
sso.implementation = net.jforum.sso.RemoteUserSSO |
This blog is from: http://laoyu.info/archives/217.html. For more information, see.