[Jhs-leads] SSO Security Jumpstart

Maheu, Mike Mike.Maheu@dep.state.fl.us
Tue, 21 Jun 2005 11:14:11 -0400


All.

There are a lot of projects trying to integrate with the new SSO, so I wanted
to send out this general instruction email. Also I would like to invite any
project that may need SSO now or in the near future to attend the JHS-SSO
jumpstart, Friday the 24th in Room 609 at the Twin Towers.

By then WACA will be fully integrated with the SSO and the new Oracle SSO
schema will be complete and integrated as well. Soon thereafter, I will
build the interface to add users and groups to the new schema. Thanks to all
for being so patient.

Mike Maheu

1.  This dependency will be required on all projects that will want SSO
security.  This stanza must be included as part of the project.xml file in
order for Maven to include the sso-client jar in the application.

    <dependency>
      <groupId>sso-client</groupId>
      <artifactId>sso-client</artifactId>
      <version>1.0.0</version>
      <properties><war.bundle>true</war.bundle></properties>
    </dependency>

2.  Add an entry in the web.xml file for the security filter.  Mike's input
here.......

    <filter>
      <filter-name>CAS Filter</filter-name>
      <filter-class>fdep.sso.cas.client.filter.CASFilter</filter-class>
      <init-param>
        <param-name>fdep.sso.cas.client.filter.loginUrl</param-name>
        <param-value>https://epic52.dep.state.fl.us:4444/jhs-sso/login</param-value>
      </init-param>
      <init-param>
        <param-name>fdep.sso.cas.client.filter.validateUrl</param-name>
        <param-value>https://epic52.dep.state.fl.us:4444/jhs-sso/serviceValidate</param-value>
      </init-param>
      <init-param>
        <param-name>fdep.sso.cas.client.filter.serviceUrl</param-name>
        <param-value>http://epic52.dep.state.fl.us:7778/sso-exp/jsp/start.jsp</param-value>
      </init-param>
    </filter>
    <filter-mapping>
      <filter-name>CAS Filter</filter-name>
      <url-pattern>/*</url-pattern>
    </filter-mapping>

3.  Ensure the WACA tables have entries for the application users that
contain the necessary information on the application's users.  Spencer's
group is setting this up now so that the user data can be loaded.

4. The applications must implement a User object from the sso-client jar.

    import fdep.sso.cas.user.User;

    // getAttribute() returns Object, so cast it to User
    User user = (User) request.getAttribute("user");

** You will need to store the User object in the session if you need it after
this.
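
A check a project could run against its web.xml after step 2, written here as an added example (it is not part of the original email or of the sso-client jar): it confirms the CAS filter is declared, that loginUrl, validateUrl and serviceUrl all use https, and that the filter is mapped to /*. It assumes a web.xml without an XML namespace, as in the stanza above; `audit_cas_filter` and the finding strings are names chosen for this example.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

PREFIX = "fdep.sso.cas.client.filter."   # init-param prefix used in the email
CAS_CLASS = PREFIX + "CASFilter"         # filter class named in the email
URL_PARAMS = ("loginUrl", "validateUrl", "serviceUrl")

# Constructed sample: the email's filter entry, condensed; no XML namespace assumed.
SAMPLE_WEB_XML = """<web-app>
 <filter>
  <filter-name>CAS Filter</filter-name>
  <filter-class>fdep.sso.cas.client.filter.CASFilter</filter-class>
  <init-param><param-name>fdep.sso.cas.client.filter.loginUrl</param-name>
   <param-value>https://epic52.dep.state.fl.us:4444/jhs-sso/login</param-value></init-param>
  <init-param><param-name>fdep.sso.cas.client.filter.validateUrl</param-name>
   <param-value>https://epic52.dep.state.fl.us:4444/jhs-sso/serviceValidate</param-value></init-param>
  <init-param><param-name>fdep.sso.cas.client.filter.serviceUrl</param-name>
   <param-value>http://epic52.dep.state.fl.us:7778/sso-exp/jsp/start.jsp</param-value></init-param>
 </filter>
 <filter-mapping><filter-name>CAS Filter</filter-name><url-pattern>/*</url-pattern></filter-mapping>
</web-app>"""

def _txt(elem, tag):
    return (elem.findtext(tag) or "").strip()

def audit_cas_filter(web_xml):
    """Return findings (strings) for the CAS filter declared in a web.xml document."""
    root = ET.fromstring(web_xml)
    cas = [f for f in root.iter("filter") if _txt(f, "filter-class") == CAS_CLASS]
    if not cas:
        return ["no CAS filter declared"]
    names, findings = {_txt(f, "filter-name") for f in cas}, []
    for flt in cas:
        params = {_txt(p, "param-name"): _txt(p, "param-value")
                  for p in flt.findall("init-param")}
        for key in URL_PARAMS:
            url = params.get(PREFIX + key, "")
            if not url:
                findings.append(f"{key}: missing")
            elif urlsplit(url).scheme.lower() != "https":
                # CAS returns the service ticket as a query parameter on the service URL
                findings.append(f"{key}: not https ({url})")
    patterns = {_txt(m, "url-pattern") for m in root.iter("filter-mapping")
                if _txt(m, "filter-name") in names}
    if "/*" not in patterns:
        findings.append("no filter-mapping covers /*")
    return findings

if __name__ == "__main__":
    print("\n".join(audit_cas_filter(SAMPLE_WEB_XML)))
```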

