Liferay, Alfresco, SSO and LDAP Full Integration



Similar documents
How To Configure The Jasig Casa Single Sign On On A Workstation On Ahtml.Org On A Server On A Microsoft Server On An Ubuntu (Windows) On A Linux Computer On A Raspberry V

Identity Management in Liferay Overview and Best Practices. Liferay Portal 6.0 EE

Salesforce Opportunities Portlet Documentation v2

Agenda. How to configure

Authentication Methods

Deploying RSA ClearTrust with the FirePass controller

Absorb Single Sign-On (SSO) V3.0

Directory and File Transfer Services. Chapter 7

Single Sign-on (SSO) technologies for the Domino Web Server

Unlocking the Secrets of Alfresco Authentication. Mehdi BELMEKKI,! Consultancy Team! Alfresco!

Configuring ADFS 3.0 to Communicate with WhosOnLocation SAML

Approaches and challenges for a SSO enabled extranet using Jasig CAS. Florian Holzschuher René Peinl

Configuring Sponsor Authentication

Configuring and Using the TMM with LDAP / Active Directory

Table of contents. Jasig CAS support for the Spring Security plugin.

Sakai and uportal Integration Options

Copyright: WhosOnLocation Limited

White Paper March 1, Integrating AR System with Single Sign-On (SSO) authentication systems

Qualtrics Single Sign-On Specification

Stefan Thomé Yves Kising

Liferay Enterprise ecommerce. Adding ecommerce functionality to Liferay Reading Time: 10 minutes

WebOTX Portal. November, NEC Corporation, Cloud Platform Division, WebOTX Group

Biometrics for Global Web Authentication: an Open Source Java/J2EE-Based Approach

Securing WebFOCUS A Primer. Bob Hoffman Information Builders

Remote Authentication and Single Sign-on Support in Tk20

Using LDAP Authentication in a PowerCenter Domain

SAML-Based SSO Solution

SecureAware on IIS8 on Windows Server 2008/- 12 R2-64bit

Integrating WebSphere Portal V8.0 with Business Process Manager V8.0

Your Question. Article: Question: How do I Configure LDAP with Net Report?

This presentation explains how to integrate Microsoft Active Directory to enable LDAP authentication in the IBM InfoSphere Master Data Management

Mobile Devices: Server and Management Lesson 06 Device Management

Consuming a Web Service(SOAP and RESTful) in Java. Cheat Sheet For Consuming Services in Java

Tenrox. Single Sign-On (SSO) Setup Guide. January, Tenrox. All rights reserved.

Chapter 3 Authenticating Users

Integrating IBM Cognos 8 BI with 3rd Party Auhtentication Proxies

Building Secure Applications. James Tedrick

INUVIKA OPEN VIRTUAL DESKTOP FOUNDATION SERVER

ClearPass A CAS Extension Enabling Credential Replay

Luminis Platform Banner Document Management Suite Portal Guide. Release November 2011

Quality Center LDAP Guide

Active Directory Requirements and Setup

CMDBuild Authentication (file auth.conf)

GlassFish Security. open source community experience distilled. security measures. Secure your GlassFish installation, Web applications,

Pierce County IT Department GIS Division Xuejin Ruan Dan King

gomobi Traffic Switching Guide Version 0.9, 28 September 2010

X.500 and LDAP Page 1 of 8

USING FEDERATED AUTHENTICATION WITH M-FILES

SOA REFERENCE ARCHITECTURE: WEB TIER

NETASQ ACTIVE DIRECTORY INTEGRATION

About Me. Software Architect with ShapeBlue Specialise in. 3 rd party integrations and features in CloudStack

IBM SPSS Collaboration and Deployment Services Version 6 Release 0. Single Sign-On Services Developer's Guide

SAML Security Option White Paper

Authentication. Authentication in FortiOS. Single Sign-On (SSO)

OpenLDAP Oracle Enterprise Gateway Integration Guide

LDAP / SSO Authentication

Step-by-Step guide for SSO from MS Sharepoint 2010 to SAP EP 7.0x

OpenSSO: Cross Domain Single Sign On

SAML-Based SSO Solution

SchoolBooking SSO Integration Guide

Egnyte Single Sign-On (SSO) Configuration for Active Directory Federation Services (ADFS)

Spring Security CAS Plugin - Reference Documentation. Burt Beckwith. Version M1

Lesson: All About Sockets

USER GUIDE. Lightweight Directory Access Protocol (LDAP) Schoolwires Centricity

CA Performance Center

From centralized to single sign on

Configuration Worksheets for Oracle WebCenter Ensemble 10.3

KonaKart Portlet Installation for Liferay. 6 th February DS Data Systems (UK) Ltd., 9 Little Meadow Loughton, Milton Keynes Bucks MK5 8EH UK

Web Services Security: OpenSSO and Access Management for SOA. Sang Shin Java Technology Evangelist Sun Microsystems, Inc. javapassion.

LDAP Directory Integration with Cisco Unity Connection

Configure SecureZIP for Windows for Entrust Entelligence Security Provider 7.x for Windows

There are more security levels in ARCHIBUS, as described bellow.

McAfee Cloud Identity Manager

Integrating OID with Active Directory and WNA

Configuring Parature Self-Service Portal

Architecture of Enterprise Applications III Single Sign-On

Workspot Configuration Guide for the Cisco Adaptive Security Appliance

SAAS. Best practices for SAAS implementation using an Open Source Portal (JBoss)

Upgrading User-ID. Tech Note PAN-OS , Palo Alto Networks, Inc.

per concurrent user - OnDemand per managed server per named user - OnDemand

IGI Portal architecture and interaction with a CA- online

Getting Started with AD/LDAP SSO

INTEGRATION GUIDE. DIGIPASS Authentication for Google Apps using IDENTIKEY Federation Server

How To Authenticate On An Xtma On A Pc Or Mac Or Ipad (For A Mac) On A Network With A Password Protected (For An Ipad) On An Ipa Or Ipa (For Mac) With A Log

Using different Security Policies on Group Level for AD within one Portal. SSL-VPN Security on Group Level. Introduction

Exceed ondemand. Configuring LDAP. Technical Note. April Abstract

SOLR INSTALLATION & CONFIGURATION GUIDE FOR USE IN THE NTER SYSTEM

SOFTWARE BEST PRACTICES

Authentication and Single Sign On

PeopleSoft Enterprise Directory Interface

Integrating Webalo with LDAP or Active Directory

SAML application scripting guide

SAP Certified Technology Professional - Security with SAP NetWeaver 7.0. Title : Version : Demo. The safer, easier way to help you pass any IT exams.

Enabling Single Signon with IBM Cognos 8 BI MR1 and SAP Enterprise Portal

Ensure that your environment meets the requirements. Provision the OpenAM server in Active Directory, then generate keytab files.

Transcription:

Liferay, Alfresco, SSO and LDAP Full Integration A generic solution of SSO plus LDAP against - Liferay Portals and Alfresco portlets - Alfresco (compliant) standalone applications Jonas Yuan July 18, 2007

Agenda 1. Overview 2. LDAP & SSO 3. Filters in Action 4. Portlets In Action 5. Real Examples 6. Summary

Liferay Alfresco CampusDocs Portlet SSO 4 SSO 3 SSO 1 SSO 2 Alfresco SSO Authentication Authentication LDAP

What is LDAP? LDAP = Lightweight Directory Access Protocol An application protocol for querying and modifying directory services running over TCP/IP. A Directory Information Tree (DIT) is data represented in a hierarchical treelike structure consisting of the Distinguished names (DNs) of the directory entries.

What is SSO? SSO = Single Sign-On Single sign-on (SSO) is a method of access control that enables a user to authenticate once and gain access to the resources of multiple software systems. The JA-SIG Central Authentication Service (CAS) is an open single sign-on service that allows web applications the ability to defer all authentication to a trusted central server or servers.

Filters In Action Enhanced SSO Filter Authenticating SSO Server with LDAP Enhanced validating URL in SSO Server Authenticating with LDAP Log-in Automatically E. g. SSO 1, 2, 3 Session Manager FILTER SSO LDAP

Enhanced SSO Filter <filter><filter-name>cas Filter</filter-name> <filter-class>com.cignex.filters.sso.cas.casfilter</filter-class> <init-param> <param-name>cas_server_url</param-name> <param-value>https://docs.cignex.com/cas-web</param-value> </init-param> <init-param> <param-name>service_path</param-name> <param-value>/index.jsp</param-value> </init-param> <init-param> <param-name>application_type</param-name> <param-value>alfresco</param-value> </init-param></filter> <filter-mapping><filter-name>cas Filter</filter-name> <url-pattern>/index.jsp</url-pattern></filter-mapping> <filter-mapping><filter-name>cas Filter</filter-name> <url-pattern>/logout</url-pattern></filter-mapping>

Authenticating SSO with LDAP Add Adaptors - LDAP Authentication Configure LDAP server with LDAP server <bean id="contextsource" class="org.jasig.cas.adaptors.ldap.util.authenticatedldapcontextso urce"> <property name="urls"> <list> <value>ldap://docs.cignex.com:10389</value> </list> </property> </bean>

Enhanced validating URL in SSO Server public static String retrieve(string url) throws IOException { BufferedReader r = null; try { url = url.replace("https://", "http://"); //add URL u = new URL(url); URLConnection uc = u.openconnection(); uc.setrequestproperty("connection", "close"); r = new BufferedReader(new InputStreamReader(uc.getInputStream())); String line; StringBuffer buf = new StringBuffer(); while ((line = r.readline())!= null) buf.append(line + "\n"); return buf.tostring(); } finally { } }

Authenticating with LDAP Configurable <bean id="ldapextinitialdircontextfactory" class="com.cignex.portal.security.authentication.ldap.ldapinitialdircontextfactoryimpl"> <property name="initialdircontextenvironment"> <map> <!-- The LDAP provider --> <entry key="java.naming.factory.initial"> <value>com.sun.jndi.ldap.ldapctxfactory</value> </entry> <entry key="java.naming.provider.url"> <value>ldap://docs.cignex.com:10389</value> </entry> <entry key="java.naming.security.authentication"> <value>simple</value> </entry> </map> </property> </bean>

Log-in Automatically Reuse log-in mechanism of different applications Liferay Portal, Alfresco, CampusDocs. One Interface, many implementations Initialize applications Redirection

Portlets In Action Loading portlet Tracing current user from Filter Authenticating portlet with LDAP Log-in Automatically E.g. SSO 4 PORTLETS FILTER SSO LDAP

Generic Portlet Interface Portlet JSON Portlet MyFaces Portlet Portlet ICEFaces Portlet

Authenticating Portlet with LDAP Configurable & Reusable <!-- Single Sign On Authentication --> <bean name="ssoextauthenticationcontext" class="com.cignex.portal.security.authentication.sso.ssoauthenticationcon text" > <property name="allowsinglesignon"> <value>true</value> </property> <property name="filter"> <value>cas_sso</value> </property> </bean>

Log-in Automatically Reuse log-in mechanism of different portlets Alfresco (MyFaces), CampusDocs (ICEfaces). One Interface, multiple implementations Initialize portlet Trace session & context Portlet & Servlet Redirection

Real Examples 1. SSO CAS plus LDAP ADS against Alfresco Standalone Application (v 2.0.1) 2. SSO CAS plus LDAP ADS against Alfresco Compliant Standalone Application 3. SSO CAS plus LDAP ADS against Liferay Portal (4.3) and Alfresco Portlet (v 2.0.1)

Summary A generic solution of SSO CAS plus LDAP ADS against Alfresco Standalone Application (v 2.0.1) Alfresco Compliant Standalone Application Liferay Portal (4.3) and Alfresco Portlet (v 2.1) Instructions for Do-It-Yourselfers Sources - http://liferay.cignex.com Q & A

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information