JBoss下的单点登陆(SSO)技术实现分析(4)
josso-gateway-config.xml。
<credential-store>
<class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
<credentialsquerystring>
SELECT login AS username , password AS password FROM josso_user WHERE login = ?
</credentialsquerystring>
<connectionname>root</connectionname>
<connectionpassword>123456</connectionpassword>
<connectionurl>jdbc:mysql://localhost:3306/josso_exam</connectionurl>
<drivername>com.mysql.jdbc.Driver</drivername>
</credential-store>
<sso-identity-store>
<class> org.josso.gateway.identity.service.store.db.JDBCIdentityStore </class>
<userquerystring> SELECT login FROM josso_user WHERE login = ? </userquerystring>
<rolesquerystring>
SELECT josso_role.name FROM josso_role , josso_user_role , josso_user
WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login
AND josso_role.name = josso_user_role.name
</rolesquerystring>
<userpropertiesquerystring>
SELECT ’user.description’ AS name , description AS value
FROM josso_user WHERE login = ?
UNION
SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
</userpropertiesquerystring>
<connectionname>root</connectionname>
<connectionpassword>123456</connectionpassword>
<connectionurl>jdbc:mysql://localhost:3306/josso_exam</connectionurl>
<drivername>com.mysql.jdbc.Driver</drivername>
</sso-identity-store>
(4)、将MySQL的驱动拷贝到/src/webapp/josso/WEB-INF/lib目录下,供JDBC连接数据库时调用。
(5)、配置Josso的登陆点和注销点,在josso-agent-config.xml中修改,这里我们保持Josso系统默认的登陆和注销设置,同时注意应当把<endpoint>选项的localhost改为主机相对应的IP地址,否则SSO将会失效。
(6)、进入命令行模式,转到Josso的主目录下,执行build.bat war、build.bat install-jboss4和build.bat deploy-jboss4即可。
(7)、修改JBoss server\default\conf目录下的login-config.xml文件,在里面添加Josso的login模型。
<application-policy name="josso">
<authentication>
<login-module <br="" code="org.josso.jb4.agent.JBossSSOGatewayLoginModule">flag = "required">
<module-option name="debug">true</module-option>
</authentication>
</application-policy>
(8)、修改JBoss server/default/deploy/jbossweb-tomcat55.sar目录下的server.xml文件,在其中添加</endpoint><value>选项和</value><realm>选项。
</realm><valve classname="org.josso.tc55.agent.SSOAgentValve" debug="1">
<realm <br="" classname="org.josso.jb4.agent.JBossCatalinaRealm">appName="josso"
userClassNames="org.josso.gateway.identity.service.BaseUserImpl"
roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
debug="1" />
(9)、启动JBoss。在浏览器中输入http://localhost:8080/partnerapp/protected,如果能转到登陆界面,然后输入用户名(user1)和密码(user1pwd)能够进行登陆,那么Josso和JBoss单点登陆(SSO)的集成就大功告成了
<credential-store>
<class>org.josso.gateway.identity.service.store.db.JDBCIdentityStore</class>
<credentialsquerystring>
SELECT login AS username , password AS password FROM josso_user WHERE login = ?
</credentialsquerystring>
<connectionname>root</connectionname>
<connectionpassword>123456</connectionpassword>
<connectionurl>jdbc:mysql://localhost:3306/josso_exam</connectionurl>
<drivername>com.mysql.jdbc.Driver</drivername>
</credential-store>
<sso-identity-store>
<class> org.josso.gateway.identity.service.store.db.JDBCIdentityStore </class>
<userquerystring> SELECT login FROM josso_user WHERE login = ? </userquerystring>
<rolesquerystring>
SELECT josso_role.name FROM josso_role , josso_user_role , josso_user
WHERE josso_user.login = ? AND josso_user.login = josso_user_role.login
AND josso_role.name = josso_user_role.name
</rolesquerystring>
<userpropertiesquerystring>
SELECT ’user.description’ AS name , description AS value
FROM josso_user WHERE login = ?
UNION
SELECT name AS name , value AS value FROM josso_user_property WHERE login = ?
</userpropertiesquerystring>
<connectionname>root</connectionname>
<connectionpassword>123456</connectionpassword>
<connectionurl>jdbc:mysql://localhost:3306/josso_exam</connectionurl>
<drivername>com.mysql.jdbc.Driver</drivername>
</sso-identity-store>
(4)、将MySQL的驱动拷贝到/src/webapp/josso/WEB-INF/lib目录下,供JDBC连接数据库时调用。
(5)、配置Josso的登陆点和注销点,在josso-agent-config.xml中修改,这里我们保持Josso系统默认的登陆和注销设置,同时注意应当把<endpoint>选项的localhost改为主机相对应的IP地址,否则SSO将会失效。
(6)、进入命令行模式,转到Josso的主目录下,执行build.bat war、build.bat install-jboss4和build.bat deploy-jboss4即可。
(7)、修改JBoss server\default\conf目录下的login-config.xml文件,在里面添加Josso的login模型。
<application-policy name="josso">
<authentication>
<login-module <br="" code="org.josso.jb4.agent.JBossSSOGatewayLoginModule">flag = "required">
<module-option name="debug">true</module-option>
</authentication>
</application-policy>
(8)、修改JBoss server/default/deploy/jbossweb-tomcat55.sar目录下的server.xml文件,在其中添加</endpoint><value>选项和</value><realm>选项。
</realm><valve classname="org.josso.tc55.agent.SSOAgentValve" debug="1">
<realm <br="" classname="org.josso.jb4.agent.JBossCatalinaRealm">appName="josso"
userClassNames="org.josso.gateway.identity.service.BaseUserImpl"
roleClassNames="org.josso.gateway.identity.service.BaseRoleImpl"
debug="1" />
(9)、启动JBoss。在浏览器中输入http://localhost:8080/partnerapp/protected,如果能转到登陆界面,然后输入用户名(user1)和密码(user1pwd)能够进行登陆,那么Josso和JBoss单点登陆(SSO)的集成就大功告成了