Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 3 Next »

Overview

WebproxyPortlet v2 Gateway SSO is a feature that allows uPortal to signon to any remote system even if the remote system does not share any authentication information with uPortal.  Gateway SSO will submit login information to the remote system and then redirect to that remote system.  Other SSO solution assume that uPortal has authenticated to some system, such as CAS and will then trust CAS to say the user is authenticated.  In this system, the authentication information is submitted to the remote system invisibly to the user.  This solution has the inherent risks of sending user authentication information over the wire, rather than a security token, but this solution does not require external systems to implement CAS or another authentication system.  It is therefore nearly invisible to any external system to which uPortal would want to connect.

Portlet Configuration

Gateway SSO must be defined in portlet.xml, like any other portlet. 

portlet.xml example
    <portlet>
        <portlet-name>GatewayPortlet</portlet-name>
        <portlet-class>org.springframework.web.portlet.DispatcherPortlet</portlet-class>
        <init-param>
            <name>contextConfigLocation</name>
            <value>/WEB-INF/context/portlet/gateway-sso-portlet.xml</value>
        </init-param>
        <expiration-cache>0</expiration-cache>
        <supports>
            <mime-type>text/html</mime-type>
            <portlet-mode>view</portlet-mode>
            <portlet-mode>edit</portlet-mode>
        </supports>
        <portlet-info>
            <title>WebProxy Portlet</title>
        </portlet-info>
        <portlet-preferences>
            <preference>
                <name>openInNewPage</name>
                <value>true</value>
            </preference>
        </portlet-preferences>
    </portlet>

One interesting portlet preference is "openInNewPage".  True will direct the response after clicking on the link to a new tab in your browser; false will direct to the current tab.

The description of the portlet itself lives in the portlet definition file:

gateway-sso-portlet.xml
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xmlns:context="http://www.springframework.org/schema/context" xmlns:p="http://www.springframework.org/schema/p"
       xmlns:util="http://www.springframework.org/schema/util"
       xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
      http://www.springframework.org/schema/context http://www.springframework.org/schema/context/spring-context.xsd
      http://www.springframework.org/schema/util http://www.springframework.org/schema/util/spring-util.xsd">

    <context:component-scan base-package="org.jasig.portlet.proxy.mvc.portlet.gateway" />
    <context:annotation-config />

    <bean
            class="org.springframework.beans.factory.config.PropertyPlaceholderConfigurer">
        <property name="location" value="classpath:configuration.properties" />
    </bean>
    <util:list id="gatewayEntries" scope="session">
          <bean class="org.jasig.portlet.proxy.mvc.portlet.gateway.GatewayEntry" p:name="MyZimbra"
              p:iconUrl="/ResourceServingWebapp/rs/tango/0.8.90/32x32/apps/internet-mail.png">

            <property name="externalLogic">
                <util:list>
                    <bean id="step1" class="org.jasig.portlet.proxy.service.web.MyCustomClass"  scope="session" p:fieldName="proxiedLocation"/>
                    <bean id="step2" class="org.jasig.portlet.proxy.service.web.MyCustomClass2" scope="singleton" p:fieldName="testField" />
                </util:list>
            </property>

            <property name="contentRequests">
                <util:map>
                    <entry>
                        <key>
                            <bean class="org.jasig.portlet.proxy.service.web.HttpContentRequestImpl"
                                  p:proxiedLocation="https://zimbra.unicon.net/zimbra/"
                                  p:form="true" p:method="POST">
                                <property name="parameters">
                                    <util:map>
                                        <entry>
                                            <key><value>loginOp</value></key>
                                            <bean class="org.jasig.portlet.proxy.service.web.FormFieldImpl"
                                                    p:name="loginOp" p:value="login"/>
                                        </entry>
                                        <entry>
                                            <key><value>username</value></key>
                                            <bean class="org.jasig.portlet.proxy.service.web.FormFieldImpl"
                                                    p:name="username" p:value="{prefs.myzimbra.uid}"/>
                                        </entry>
                                        <entry>
                                            <key><value>password</value></key>
                                            <bean class="org.jasig.portlet.proxy.service.web.FormFieldImpl"
                                                    p:name="password" p:value="{prefs.myzimbra.pwd}" p:secured="true"/>
                                        </entry>
                                    </util:map>
                                </property>
                            </bean>
                        </key>
                        <util:list>
                            <value>userInfoUrlParameterizingPreInterceptor</value>
                            <value>UserPreferencesPreInterceptor</value>
                        </util:list>
                    </entry>
                </util:map>
            </property>
        </bean>

		<!-- additional external systems to display -->
		<bean ...></bean> 
    </util:list>
    <bean class="org.springframework.web.portlet.mvc.annotation.DefaultAnnotationHandlerMapping">
        <property name="interceptors"><bean class="org.jasig.portlet.proxy.mvc.MinimizedStateHandlerInterceptor"/></property>
    </bean>

</beans>

 

GatewayEntry

HttpContentRequestImpl

FormFieldImpl

 

Interceptors

IPreInterceptor

UserPreferencePreInterceptor

UserInfoUrlParameterizingPreInterceptor

Custom Logic

ExternalLogic

  • No labels