The blog has moved.
http://viblogrock.blogspot.com/
It has moved to the address above.
2011/01/02 (Sun.)
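[GlassFish][OpenSSO] Configuration, continued: PolicyAgent
Configure the PolicyAgent so that access to the web server is routed through OpenSSO.
First, the installer asks for a password file, so create one beforehand.
ex) C:\passwd.txt
Move to \web_agents\sjsws_agent and run agentadmin --install.
With this as a reference:
OpenSSO server URL : http://FQDN:8080/opensso
Agent URL : http://FQDN:80
Once the configuration is complete, access to http://FQDN:80 is
forwarded (?) to http://FQDN:8080/opensso.
As a test, accessing http://FQDN:80 produces a "page load error".
Configuration is also needed on the OpenSSO side.
Open the OpenSSO configuration page, click the "Access Control" tab,
then click "/ (Top Level Realm)".
Click the "Agents" tab.
Confirm that the "Web" tab is selected, then click the New button under Agent.
Enter the same settings that were given to agentadmin.
Next, configure the policy.
Open the OpenSSO configuration page, click the "Access Control" tab,
then click "/ (Top Level Realm)".
Click the "Policies" tab.
Click the "New Policy" button.
Set the rules and subjects.
The rule to set looks like this.
Rule:
  Service type: URL Policy Agent
  Resource name: http://FQDN:80/*
  Actions: GET allow, POST allow
Subject:
  OpenSSO Identity Subject
  Selected users: amadmin only
Conditions: none
Response providers: none
With this in place, accessing http://FQDN:80/ goes to the login page when not logged in to OpenSSO, and to the requested page when already logged in.
Note that amadmin is the only user who can reach the page.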
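A simplified model of the decision this rule produces, as an added example that is not part of the original post and is not OpenSSO's own code. The host www.example.com, the login path and the user "demo" are constructed; wildcard matching is reduced to a prefix test, and resources or actions the rule does not list are assumed to be denied.

```python
from urllib.parse import urlencode, urlsplit

# The rule from the post; www.example.com is a constructed stand-in for FQDN.
POLICY = {
    "resource": "http://www.example.com:80/*",
    "actions": {"GET": "allow", "POST": "allow"},
    "subjects": {"amadmin"},
}
# Assumed login URL on the OpenSSO server (not given in the post).
LOGIN_URL = "http://www.example.com:8080/opensso/UI/Login"

def normalize(url):
    """Lower-case the host and make the default port explicit."""
    parts = urlsplit(url)
    port = parts.port or {"http": 80, "https": 443}[parts.scheme]
    return f"{parts.scheme}://{parts.hostname}:{port}{parts.path or '/'}"

def resource_matches(pattern, url):
    """Simplified matcher: a trailing '*' means 'any suffix'."""
    url = normalize(url)
    if pattern.endswith("*"):
        return url.startswith(pattern[:-1])
    return url == pattern

def decide(method, url, session_user=None):
    """Return (decision, redirect_target) for one request."""
    if session_user is None:
        # No SSO session: send the browser to the login page.
        return ("redirect", LOGIN_URL + "?" + urlencode({"goto": url}))
    if not resource_matches(POLICY["resource"], url):
        return ("deny", None)      # no policy covers this resource
    if session_user not in POLICY["subjects"]:
        return ("deny", None)      # logged in, but not a listed subject
    if POLICY["actions"].get(method.upper()) != "allow":
        return ("deny", None)      # action not granted by the rule
    return ("allow", None)

if __name__ == "__main__":
    for args in [("GET", "http://www.example.com/"),
                 ("GET", "http://www.example.com/", "amadmin"),
                 ("PUT", "http://www.example.com/", "amadmin"),
                 ("GET", "http://www.example.com/", "demo")]:
        print(args, "->", decide(*args))
```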
2009/02/18 (Wed.)
[GlassFish][SSO] Applying OpenSSO
Install GlassFish.
http://sdc.sun.co.jp/java/series/glassfish/200803.html
Install Sun Java System Web Server.
Extract sjsws-7_0u4-windows-i586.zip and install it.
Install OpenSSO.
Extract opensso_enterprise_80.zip.
If OpenSSO will run on the local host, confirm beforehand that the host can be reached by its FQDN.
http://wikis.sun.com/pages/viewpage.action?pageId=32604295
Deploy the OpenSSO war to GlassFish.
Copy \opensso\deployable-war\opensso.war to \glassfish\domains\domain1\autodeploy or a similar location.
Access opensso.
http://hostname(FQDN):8080/opensso
The configuration screen is displayed.
Set the password on the default configuration screen and the configuration is complete.
From the login screen you can log in as amadmin with the password you just specified.
To be continued...
2009/02/18 (Wed.)
[GlassFish][SSO] OpenSSO
Download OpenSSO.
Use the opensso_express_20080804.zip package.
Deploy the web application on GlassFish.
./opensso/deployable-war/opensso.war
After that, configure it following this reference.
2009/02/16 (Mon.)
[Tomcat][SSO] Moving JOSSO to database-backed storage
Basically, modify the configuration following this reference.
Place a context.xml like the following in webapp/xxx.
<Context docBase="josso" path="josso" reloadable="true">
    <Resource
        name="jdbc/josso"
        auth="Container"
        type="javax.sql.DataSource"
        username="root"
        password=""
        driverClassName="org.gjt.mm.mysql.Driver"
        url="jdbc:mysql://localhost/josso"
        maxActive="4"
        maxWait="5000"
        maxIdle="2"
    />
</Context>
If you did not install with gateway install --persistence db, modify josso-gateway-stores.xml as follows.
<?xml version="1.0" encoding="UTF-8"?>
<!--
~ JOSSO: Java Open Single Sign-On
~
~ Copyright 2004-2009, Atricore, Inc.
~
~ This is free software; you can redistribute it and/or modify it
~ under the terms of the GNU Lesser General Public License as
~ published by the Free Software Foundation; either version 2.1 of
~ the License, or (at your option) any later version.
~
~ This software is distributed in the hope that it will be useful,
~ but WITHOUT ANY WARRANTY; without even the implied warranty of
~ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
~ Lesser General Public License for more details.
~
~ You should have received a copy of the GNU Lesser General Public
~ License along with this software; if not, write to the Free
~ Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
~ 02110-1301 USA, or see the FSF site: http://www.fsf.org.
~
-->
<s:beans xmlns:s="http://www.springframework.org/schema/beans"
xmlns:db-istore="urn:org:josso:db:identitystore"
xmlns:memory-istore="urn:org:josso:memory:identitystore"
xmlns:db-sstore="urn:org:josso:db:sessionstore"
xmlns:memory-sstore="urn:org:josso:memory:sessionstore"
xmlns:db-astore="urn:org:josso:db:assertionstore"
xmlns:memory-astore="urn:org:josso:memory:assertionstore"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
urn:org:josso:db:identitystore http://www.josso.org/schema/josso-db-identitystore.xsd
urn:org:josso:memory:identitystore http://www.josso.org/schema/josso-memory-identitystore.xsd
urn:org:josso:db:sessionstore http://www.josso.org/schema/josso-db-sessionstore.xsd
urn:org:josso:memory:sessionstore http://www.josso.org/schema/josso-memory-sessionstore.xsd
urn:org:josso:db:assertionstore http://www.josso.org/schema/josso-db-assertionstore.xsd
urn:org:josso:memory:assertionstore http://www.josso.org/schema/josso-memory-assertionstore.xsd
"
>
<!-- ===================================================================== -->
<!-- JOSSO Identity Store, the id is very important because it is -->
<!-- referenced by the session manager and who knows where else -->
<!-- ===================================================================== -->
<!--
<db-istore:datasource-store id="josso-identity-store"
dsJndiName="java:/DefaultDS"
userQueryString="SELECT NAME FROM JOSSO_USER WHERE LOGIN = ?;"
rolesQueryString="SELECT ROLE FROM JOSSO_USER_ROLE WHERE LOGIN = ?;"
credentialsQueryString="SELECT LOGIN AS USERNAME, PASSWORD FROM JOSSO_USER WHERE LOGIN = ?;"
userPropertiesQueryString="SELECT NAME, VALUE FROM JOSSO_USER_PROPERTY WHERE LOGIN = ?;"
resetCredentialDml="UPDATE JOSSO_USER SET PASSWORD = ? WHERE LOGIN = ?;"
relayCredentialQueryString="SELECT LOGIN FROM JOSSO_USER WHERE #?# = ?;" />
-->
<db-istore:jdbc-store
id="josso-identity-store"
driverName="com.mysql.jdbc.Driver"
connectionURL="jdbc:mysql://localhost:3306/josso"
connectionName="root"
connectionPassword=""
userQueryString="SELECT LOGIN AS NAME FROM JOSSO_USER WHERE LOGIN = ?"
rolesQueryString="SELECT NAME AS ROLE FROM JOSSO_USER_ROLE WHERE LOGIN = ?"
credentialsQueryString="SELECT LOGIN AS USERNAME, PASSWORD FROM JOSSO_USER WHERE LOGIN = ?"
userPropertiesQueryString="SELECT NAME, VALUE FROM JOSSO_USER_PROPERTY WHERE LOGIN = ?"
resetCredentialDml="UPDATE JOSSO_USER SET PASSWORD = ? WHERE LOGIN = ?"
relayCredentialQueryString="SELECT LOGIN FROM JOSSO_USER WHERE #?# = ?"
/>
<!--
<db-istore:jdbc-store
id="josso-identity-store"
driverName="org.hsqldb.jdbcDriver"
connectionURL="jdbc:hsqldb:mem:jossodb"
connectionName="sa"
connectionPassword=""
userQueryString="SELECT NAME FROM JOSSO_USER WHERE LOGIN = ?;"
rolesQueryString="SELECT ROLE FROM JOSSO_USER_ROLE WHERE LOGIN = ?;"
credentialsQueryString="SELECT LOGIN AS USERNAME, PASSWORD FROM JOSSO_USER WHERE LOGIN = ?;"
userPropertiesQueryString="SELECT NAME, VALUE FROM JOSSO_USER_PROPERTY WHERE LOGIN = ?;"
resetCredentialDml="UPDATE JOSSO_USER SET PASSWORD = ? WHERE LOGIN = ?;"
relayCredentialQueryString="SELECT LOGIN FROM JOSSO_USER WHERE #?# = ?;"
/>
-->
<!--
<memory-istore:memory-store id="josso-identity-store"
credentialsFileName="josso-credentials.xml"
usersFileName="josso-users.xml" s:scope="singleton" />
-->
<!-- ===================================================================== -->
<!-- JOSSO Session Store, the id is very important because it is -->
<!-- referenced by the session manager and who knows where else -->
<!-- ===================================================================== -->
<memory-sstore:memory-store id="josso-session-store"/>
<!-- Change the store implementation if you want to use DB Session stores (useful for clusters and failover) -->
<!--
<db-sstore:jdbc-store
id="josso-session-store"
driverName="org.hsqldb.jdbcDriver"
connectionURL="jdbc:hsqldb:mem:jossodb"
connectionName="sa"
connectionPassword=""
loadQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE SESSION_ID = ?;"
loadAllQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION;"
insertDml="INSERT INTO JOSSO_SESSION VALUES (?, ?, ?, ?, ?, ?, ?);"
updateDml="UPDATE JOSSO_SESSION SET USERNAME = ?, CREATION_TIME = ?, LAST_ACCESS_TIME = ?, ACCESS_COUNT = ?, MAX_INACTIVE_INTERVAL = ?, VALID = ? WHERE SESSION_ID = ?;"
sizeQuery="SELECT COUNT(1) FROM JOSSO_SESSION;"
keysQuery="SELECT SESSION_ID FROM JOSSO_SESSION;"
loadByUserNameQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE USERNAME = ?;"
loadByValidQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE VALID = ?;"
loadByLastAccessTimeQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE LAST_ACCESS_TIME = ?;"
deleteDml="DELETE FROM JOSSO_SESSION WHERE SESSION_ID = ?;"
deleteAllDml="DELETE FROM JOSSO_SESSION;"
/>
-->
<!--
<db-sstore:datasource-store
id="josso-session-store"
dsJndiName="java:/DefaultDS"
loadQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE SESSION_ID = ?;"
loadAllQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION;"
insertDml="INSERT INTO JOSSO_SESSION VALUES (?, ?, ?, ?, ?, ?, ?);"
updateDml="UPDATE JOSSO_SESSION SET USERNAME = ?, CREATION_TIME = ?, LAST_ACCESS_TIME = ?, ACCESS_COUNT = ?, MAX_INACTIVE_INTERVAL = ?, VALID = ? WHERE SESSION_ID = ?;"
sizeQuery="SELECT COUNT(1) FROM JOSSO_SESSION;"
keysQuery="SELECT SESSION_ID FROM JOSSO_SESSION;"
loadByUserNameQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE USERNAME = ?;"
loadByValidQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE VALID = ?;"
loadByLastAccessTimeQuery="SELECT SESSION_ID, USERNAME, CREATION_TIME, LAST_ACCESS_TIME, ACCESS_COUNT, MAX_INACTIVE_INTERVAL, VALID FROM JOSSO_SESSION WHERE LAST_ACCESS_TIME = ?;"
deleteDml="DELETE FROM JOSSO_SESSION WHERE SESSION_ID = ?;"
deleteAllDml="DELETE FROM JOSSO_SESSION;"
/>
-->
<!-- ===================================================================== -->
<!-- JOSSO Assertion Store, the id is very important because it is -->
<!-- referenced by the assertion manager and who knows where else -->
<!-- ===================================================================== -->
<!-- Change the store implementation if you want to use DB Assertion stores (useful for clusters and failover) -->
<memory-astore:memory-store id="josso-assertion-store"/>
<!--
<db-astore:datasource-store
id="josso-assertion-store"
dsJndiName="java:/DefaultDS"
sizeQuery="SELECT COUNT(1) FROM JOSSO_ASSERTION;"
keysQuery="SELECT ASSERTION_ID FROM JOSSO_ASSERTION;"
loadAllQuery="SELECT ASSERTION_ID, SECURITY_DOMAIN_NAME, SSO_SESSION_ID, CREATION_TIME, VALID FROM JOSSO_ASSERTION;"
loadQuery="SELECT ASSERTION_ID, SECURITY_DOMAIN_NAME, SSO_SESSION_ID, CREATION_TIME, VALID FROM JOSSO_ASSERTION WHERE ASSERTION_ID = ?;"
deleteAllDml="DELETE FROM JOSSO_ASSERTION;"
deleteDml="DELETE FROM JOSSO_ASSERTION WHERE ASSERTION_ID = ?;"
insertDml="INSERT INTO JOSSO_ASSERTION VALUES (?, ?, ?, ?, ?);"
/>
-->
</s:beans>
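Both files above connect to MySQL as root with an empty password. The following audit is an added example, not part of the original post or of JOSSO: it parses the two credential-bearing elements (reproduced here as constructed, trimmed samples) and reports empty passwords and administrative accounts. The list of administrative account names is an assumption.

```python
import xml.etree.ElementTree as ET

# Constructed samples: the credential-bearing elements from the two files
# above, trimmed to the attributes the audit reads.
CONTEXT_XML = """<Context docBase="josso" path="josso" reloadable="true">
  <Resource name="jdbc/josso" auth="Container" type="javax.sql.DataSource"
            username="root" password="" url="jdbc:mysql://localhost/josso"/>
</Context>"""

STORES_XML = """<s:beans xmlns:s="http://www.springframework.org/schema/beans"
                         xmlns:db-istore="urn:org:josso:db:identitystore">
  <!-- commented-out stores are skipped by the parser -->
  <db-istore:jdbc-store id="josso-identity-store"
      connectionURL="jdbc:mysql://localhost:3306/josso"
      connectionName="root" connectionPassword=""/>
</s:beans>"""

# (user attribute, password attribute) pairs used by the two file formats.
CRED_ATTRS = [("username", "password"),
              ("connectionName", "connectionPassword")]
ADMIN_ACCOUNTS = {"root", "sa", "admin", "postgres"}  # assumption

def audit(xml_text, source):
    """Return (source, element, finding) tuples for weak JDBC credentials."""
    findings = []
    for elem in ET.fromstring(xml_text).iter():
        tag = elem.tag.split("}")[-1]      # drop the {namespace} prefix
        for user_attr, pass_attr in CRED_ATTRS:
            if user_attr not in elem.attrib:
                continue
            user = elem.attrib[user_attr]
            if elem.attrib.get(pass_attr, "") == "":
                findings.append((source, tag, "empty database password"))
            if user.lower() in ADMIN_ACCOUNTS:
                findings.append(
                    (source, tag, f"administrative account '{user}'"))
    return findings

def audit_all():
    return (audit(CONTEXT_XML, "context.xml")
            + audit(STORES_XML, "josso-gateway-stores.xml"))

if __name__ == "__main__":
    for source, tag, finding in audit_all():
        print(f"{source}: <{tag}>: {finding}")
```

A dedicated MySQL account limited to the josso schema, with a non-empty password, produces no findings.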
2009/02/16 (Mon.)