Single login and session on multiple services is something very useful and straightforward for the end user, but hard to develop and maintain from technical point of view. Especially when SSO solution is going to be implemented on the existing services with custom authentication and user management methods. Of course there are many API's especially on enterprise level which allows developer to move authentication logic to separate layer. For example JAAS in case of Java applications.
But when we have to deal with multiple platform on multiple servers some solution build on top of environment frameworks is required. JOSSO is most known open source solution for
In my example I will present example solution composed of central JOSSO server and two partner services one written in PHP and second one java Java legacy servlet and JSP application with authentication logic build in deployed on tomcat, and one modern java enterprise application.
Setting up JOSSO server
Setting a JOSSO server and easy and well described in this document , so I'll skip it.
Modern Java Applications (JAAS)
This is also good described on JOSSO home page in this document.
PHP
There is available PHP example in JOSSO source tree, but it little outdated and just not working. It is using NuSOAP PHP classes which was replaced long time ago with better SOAP classes build in PHP. So I build my custom classes that access JOSSO web services and allows PHP app to authenticate. I used standard soap library to utilize JOSSO web services (so soap library have to be available on PHP installation). I haven't used autoprepend clause because in my opinion service user rarely has access to php.ini. To use JOSSO with php you have to call ssoGetUser function on very beginning of every page which should be aware login status.
Java legacy code
During deployment of JOSSO I had a challenge to integrate JOSSO with Java Legacy servlets and JSP with existing sophisticated authentication infrastructure. Adding JAAS was not option because of system architecture. I also had to avoid adding to much new JAR's to project because of possibility of conflict with version. Thats the reason why I taken similar approach as in PHP version – just tie my application with JOSSO server with plain Web Services.
I used JAX-WS wizard build in NetBeans 6.7 to generate bindings with web services. You can take multiple approaches to integrate JOSSO library with your legacy JSP/servlet. You can create filter or event add user check at beginning of every JSP file.
Sources:
You can download source code of examples mentioned above here. For PHP files you have just to copy files to your PHP server and check if SOAP is supported on it. With Java situation is little more difficault – you have to generate WebServices JAX-WS. You can do it using wizard in NetBeans 6.5+ or SOAPUI.
License:
New BSD, please consult license.txt file
Brak komentarzy:
Prześlij komentarz