GateIn + OpenAM 9.5.2

@Vandalay111

Posted in: #Localhost

I'm currently trying GateIn for my firm and I can't manage to integrate OpenAM and GateIn.

I followed all the steps in the GateIn Reference Guide but I have a problem.

The scenario of the problem is:

1. Go to localhost:8080/portal
2. Click Administrator
3. I'm redirected to: openam.vauban.com:2080/openam_s952/UI/Login?realm=gatein&goto=http://localhost:8080/portal/private/classic
4. I filled in the form with root / gtn
5. I'm redirected to localhost:8080/portal/private/classic and the page is blank, and the main fact is: the system seems to redirect me to this page infinitely.

Does someone know an issue for this infinite loop?

For information, I have configured my OpenAM:

To encode the cookies, use c66encode.


3 Comments


 

@Steve110

For information, the bug is really tricky in Windows Dev mode.

For Exo, the solution is :

Please remove 127.0.0.1 address in your hosts file and try again.

The contents of your hosts file must be:
@IP (your IP address) openam.vauban.com


+

This is the right scenario to use in order to check that openAM works fine with your eXoPlatform bundle:

1. Go to /portal instead of /portal/sso in order to create cookies in the browser, because if we go directly to /portal/sso we get this exception and there is always an open JBoss portal issue for this problem: issues.jboss.org/browse/GTNPORTAL-1908.
2. Go to /portal/sso.
3. You will be redirected to the OpenAM login screen.
4. Connect as root/gtn.
5. You will be redirected to /portal/private with a login page.


Moreover I would like to add for OpenAM, be careful on the domain you use. Because if you use two different servers on two different domains you have to change the value of the domain cookie in OpenAM.

Then, you have to change the ErrorLoginServlet and the PortalLoginServlet (web.xml of portal) because they use the bad servlet to manage the login part of exo.

Macois



 

@Steve110

Thanks for helping me during this adventure.

So, I did some tests:

On Ubuntu (@Home || @Work on a VM):

OpenAM (default configuration) + GateIn Tomcat : OK
OpenAM (default configuration) + GateIn JBoss : OK
OpenAM (default configuration) + ExoPlatform : OK
OpenAM (manual configuration) + GateIn Tomcat : OK
OpenAM (manual configuration) + GateIn JBoss : OK
OpenAM (manual configuration) + ExoPlatform : OK


On Windows:

OpenAM (default configuration) : Impossible to install it, there is an existing JIRA for this point.
OpenAM (manual configuration) + GateIn Tomcat : KO, cf. point 4.
OpenAM (manual configuration) + GateIn JBoss : KO, cf. point 4.
OpenAM (manual configuration) + ExoPlatform : KO, cf. point 4.


Note:

1) The difference between the manual and the default configuration is the domain name. All my tests are on a local machine. In the default configuration, OpenAM uses the domain name "localhost", contrary to the manual configuration where you can't choose the domain name. In this case, I've chosen a domain name that points to the localhost (in Windows, I modified the hosts file for example and added a domain name for 127.0.0.1).

2) I tested ExoPlatform because GateIn has some similar code, since GateIn comes from ExoPlatform and JBoss Portal.

3) In the documentation, the syntax of the jaas.conf file is false; the right way to write it is:

gatein-domain {
    // org.exoplatform.web.security.PortalLoginModule required;
    // org.exoplatform.services.security.jaas.SharedStateLoginModule required;
    // org.exoplatform.services.security.j2ee.TomcatLoginModule required;

    // Uncomment the following part (and comment the other part for CAS integration
    org.gatein.sso.agent.login.SSOLoginModule required;
    org.exoplatform.services.security.j2ee.TomcatLoginModule required
        portalContainerName="portal"
        realmName="gatein-domain";
};

4) When the result is KO, it appears the bug is the blank page or the loop on the blank page that I described earlier. OpenAM, after a successful authentication, redirects you to the portal and in the portal something fails... Maybe the validation of the cookie or something like that. If you have any idea, please share it.

5) For the manual configuration, the chosen domain is .vauban.com, but the domain written in the cookie is localhost... Not strange, because in the /etc/hosts or /Windows/system32/drivers/etcs/hosts/ 127.0.0.1 refers to localhost and/or openam.vauban.com. But when it's KO, the cookie has the domain .vauban.com in the cookie.

Conclusion ????: I need some help to "understand" why in Windows, it's so impossible....


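Added example, not part of the thread: RFC 6265 domain matching applied to the host names mentioned in the comments above, showing whether a browser would present a cookie set by OpenAM to the portal for a given cookie domain. The function names and the host portal.vauban.com are assumptions made for this illustration.

```python
import ipaddress

def _is_ip(host):
    try:
        ipaddress.ip_address(host)
        return True
    except ValueError:
        return False

def domain_match(host, cookie_domain):
    """RFC 6265 5.1.3 domain-match; a leading '.' on the attribute is ignored (5.2.3)."""
    host = host.lower()
    domain = cookie_domain.lower()
    if domain.startswith("."):
        domain = domain[1:]
    if host == domain:
        return True
    # Suffix match only on a label boundary, and never for IP literals.
    return not _is_ip(host) and host.endswith("." + domain)

def sso_cookie_outcome(openam_host, portal_host, cookie_domain):
    """What a browser does with a cookie set by OpenAM when it later calls the portal."""
    if not domain_match(openam_host, cookie_domain):
        return "rejected"      # the Set-Cookie from OpenAM is discarded
    if not domain_match(portal_host, cookie_domain):
        return "not sent"      # the portal request carries no SSO cookie
    return "sent"

# Host names from the thread; portal.vauban.com is a constructed value.
CASES = [
    ("localhost", "localhost", "localhost"),
    ("openam.vauban.com", "localhost", ".vauban.com"),
    ("openam.vauban.com", "127.0.0.1", ".vauban.com"),
    ("openam.vauban.com", "portal.vauban.com", ".vauban.com"),
]

if __name__ == "__main__":
    for openam, portal, dom in CASES:
        print(f"{openam} -> {portal} (Domain={dom}): "
              f"{sso_cookie_outcome(openam, portal, dom)}")
```

A portal that never receives the SSO cookie treats every request as unauthenticated and sends the browser back to the login server, which is consistent with the loop described when the cookie domain is .vauban.com and the portal is reached as localhost.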

 

@Steve110

The guide is wrong on one point :

=> The modification on the jaas.conf file :

The guide says to uncomment this :

    // Uncomment the following part (and comment the other part for CAS integration
    org.gatein.sso.agent.login.SSOLoginModule required
    org.exoplatform.services.security.j2ee.TomcatLoginModule required
    portalContainerName=portal
    realmName=gatein-domain

But the syntax is false, we just need that (be careful on the ';'):

    // Uncomment the following part (and comment the other part for CAS integration
    org.gatein.sso.agent.login.SSOLoginModule required;
    org.exoplatform.services.security.j2ee.TomcatLoginModule required;


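Added example, not part of the thread and not GateIn or JDK code: a small syntax checker for JAAS login configuration files, run on the guide's variant and on the corrected variant quoted in the comments above. It covers only the `name { Module flag key=value ...; };` structure, and the function name check_jaas is an assumption of this sketch.

```python
import re
FLAGS = {"required", "requisite", "sufficient", "optional"}
# Comments, quoted strings, punctuation, then bare words (class names, option keys).
TOKEN = re.compile(r'//[^\n]*|/\*.*?\*/|"[^"]*"|[{};=]|[^\s{};="]+', re.S)

def check_jaas(text):
    """Return a list of syntax problems found in a JAAS login configuration."""
    toks = [t for t in TOKEN.findall(text) if not t.startswith(("//", "/*"))]
    errors, i = [], 0
    def peek(k=0):
        return toks[i + k] if i + k < len(toks) else None
    while peek() is not None:
        app = peek()
        if peek(1) != "{":
            return errors + [f"{app}: expected '{{' after the application name"]
        i += 2
        while peek() not in ("}", None):
            module, flag = peek(), peek(1)
            if flag not in FLAGS:
                return errors + [f"{module}: invalid control flag {flag!r}"]
            i += 2
            while peek() not in (";", "}", None):      # key=value options
                if peek(1) != "=" or peek(2) in (";", "}", None):
                    errors.append(f"{module}: missing ';' before {peek()!r}")
                    break
                i += 3
            if peek() == ";":
                i += 1
            elif peek() in ("}", None):
                errors.append(f"{module}: last entry not terminated by ';'")
        if (peek(), peek(1)) != ("}", ";"):
            return errors + [f"{app}: block must be closed with '}};'"]
        i += 2
    return errors
# The two variants quoted in the thread, wrapped in the gatein-domain block.
GUIDE = """gatein-domain {
  org.gatein.sso.agent.login.SSOLoginModule required
  org.exoplatform.services.security.j2ee.TomcatLoginModule required
  portalContainerName=portal
  realmName=gatein-domain
};"""
FIXED = """gatein-domain {
  org.gatein.sso.agent.login.SSOLoginModule required;
  org.exoplatform.services.security.j2ee.TomcatLoginModule required
    portalContainerName="portal"
    realmName="gatein-domain";
};"""
if __name__ == "__main__":
    print({"guide": check_jaas(GUIDE), "fixed": check_jaas(FIXED)})
```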
