how to work with Single sign-on?

[zsrhao]

Hi all,

 

How could I implement single sign-on when I want to access JI after I have logged in my web application? Is the case that JI has CAS server and what I need do is just code for client?

 

Thank you in advance!

Post edited by: zsrhao, at: 2006/11/30 06:26

[swood]

Have a look at this thread http://www.jasperforge.org/index.php?option=com_joomlaboard&Itemid=215&func=view&id=18604&catid=10

 

 

There is also documentation on the JI project web site at: http://jasperforge.org/sf/wiki/do/viewPage/projects.jasperintelligence/wiki/AuthenticationConfiguration

 

 

 

 

Sherman

JasperSoft

[avu]

We would like to bypass the JI login process (our users has already been authenticated), is there a way we can pass the username/password into JI and have it go directy into JI?

 

Please advise,

 

Ann

[swood]

We do this all the time.

 

You will need to create a filter that does the required Acegi Security work to set the authentication, and include the filter in the Acegi filter list.

 

 

 

 

Sherman

JasperSoft

[subhasreejith]

Hi,

 

Could you please elaborate on this. We also have the same situation.Which filter do you use and how is it done? If you could share the piece of code it would be great.

 

Subha

[swood]

How are your users authenticated? Is there something in the environment that indicates that a user is logged in, like a cookie?

 

Sherman

Jaspersoft

[subhasreejith]

Hi Sherman,

First of all thanks for replying !

Below is the description of our requirement :

We have one Portal Application and  a jasper application deployed in a weblogic application server domain.

LDAP Authenticator is configured for both the applications and we are able to login into both the applications using LDAP users.

Now once the user is authenticated at the portal application, on the landing page, there will be one hyper link which points to the jasper application to display the reports. This time when user hits the hyper link of jasper application, he should not be prompted for the reauthentication and should be given access directly  based on the authentication he did at portal application side.

In weblogic server, there are 4 ways by whic we can implement the SSO. Check the below link for details:

http://www.uright.ca/?p=10

We are trying the second option i.e Security Realm Subject.

In this option,  Once the user is authenticated,the user principals are signed and stored in a subject container which is visible to all applications within the same domain.

This option works fine with the simple j2ee applications where we authenticate at first application and can directly access the protected page of the second application. But in case of jasper application it is not working.

Your help in this regard will be highly appericiated .

Thanks in advance,

Subha

[subhasreejith]

Hi Sherman,

 

Please help us solve the issue as we are stuck up. Please do reply us with a sample piece of code.Thanks in Advance.

 

Subha

[swood]

From download-llnw.oracle.com/docs/cd/E15051_01/wls/docs103/notes/new.html it looks like WebLogic Portal integrates with Spring Security, but I don't know the details. You will need to update the JasperServer Spring Security configuration (WEB-INF/applicationContext-security.xml) to do the integration.

 

Sherman

Jaspersoft

[subhasreejith]

Hi SHerman,

 

Can you please share the code for authentication used in applicationContext-security.xml?

 

Thanks,

Subha

[kitakura]

I am not sure if this will help you but when I implemented OAM (Oracle Access Management) and Acegi, I had to create custom AuthenticationProcessingFilter and UserDetailsService.

Check out SiteminderAuthenticationProcessingFilter as an example.

http://www.acegisecurity.org/acegi-security/xref/org/acegisecurity/ui/webapp/SiteminderAuthenticationProcessingFilter.html

Good luck!