Tuesday October 23, 2007

Apache Roller, Acegi Security, LDAP and JA-SIG CAS

Earlier today, I delivered my talk on Apache Roller, Acegi Security and Single Sign-on. As part of this talk, I put together a couple of tutorials you might find useful:

NOTE: These tutorials are using Roller's trunk as we found some things to simplify LDAP integration tonight.

You can download a PDF version of my presentation from my publications page.

During the presentation I did a number of demos:

  • Installing Roller on Tomcat
  • Integrating Roller with Apache Directory Server
  • Integrating Roller with CAS
  • Integrating CAS with LDAP

Rather than saving the demo for the end, I did it as the first part of my presentation. This worked extremely well - especially since I didn't have to worry about running out of time.

If you're using Roller, have you integrated it with LDAP or another SSO solution? If so, is it working well for you?

Posted in Roller at Oct 23 2007, 01:38:40 AM MDT. 5 Comments

Comments:

Nice! Glad to see CAS worked ;-) In the future, if you're giving any more talks involving CAS, please let us know and we'll be sure to list them on our Upcoming Events or give a little news blurb. -Scott

Posted by Scott Battaglia on October 23, 2007 at 07:45 AM MDT #

I'm trying to integrate Roller 4.0 with CAS at the moment (but not LDAP). This is in order to provide SSO between Roller and JForum (and other apps in future).

I've followed the tutorial but omitted the LDAP specific sections.

I have set the password for my user profile to a clear text value as it says in the "Integrate CAS with Roller's Database" section.

When I try to log in to Roller, it redirects me to the CAS login page. I log in to CAS with the password and that seems to go through OK. However, it doesn't successfully log me in to Roller. I get redirected back to the page "roller/roller-ui/login.rol?error=true" with the message 'Wrong username and password combination' and a login box... I can't use this login box to log in at all (even if I set the password back to the hashed value before I do so).

I'm guessing that this is something to do with the RollerCasPopulator class. I've tried both the one in the jar attached to the tutorial, and the org.apache.roller.weblogger.ui.core.security.RollerCasPopulator class in the sample config that came with Roller. Neither has worked...

Do you have any suggestions or pointers as to what may be wrong?

Posted by Stu on March 13, 2008 at 05:54 AM MDT #

I have had the same problem as Stu: Roller redirects me back to the same login page with error=true. I have only made changes to the security.xml file though and have not used the RollerCasPopulator mentioned. I have played extensively with the SSL certificate in Tomcat to try and see if that was the problem but no dice. My log file suggests that CAS authenticated correctly.

Posted by Gavin on May 14, 2008 at 11:59 AM MDT #

With the help from people on this mailing list I found the solution to being redirected to the roller login page. This is in Roller version 4.0.

In Roller's security.xml is a line:

<property name="trustStore" value="/Library/Java/Home/lib/security/cacerts"/>

This needs to be commented out as it is telling Acegi to use a non-default truststore. This non-default truststore will not contain your server's SSL certificate and so Roller cannot authenticate.

I am now seeing another error but that is a different matter.

Posted by Gavin on May 15, 2008 at 01:36 PM MDT #
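
A check for the setting described in the comment above, as an added example that is not part of the original post or of Roller: it scans a Spring/Acegi bean file for active `trustStore` properties and reports whether each configured path exists on the host. The sample XML, bean id and class name are constructed, and `find_truststore_overrides` is a hypothetical helper name.

```python
import os
import xml.etree.ElementTree as ET

# Constructed sample shaped like the line quoted in the comment above.
# The bean id and class are placeholders, not Roller's real bean definition.
SAMPLE_SECURITY_XML = """<beans>
  <bean id="ticketValidator" class="example.TicketValidator">
    <property name="trustStore" value="/Library/Java/Home/lib/security/cacerts"/>
    <!-- <property name="trustStore" value="/commented/out/cacerts"/> -->
  </bean>
</beans>"""


def _local(tag):
    """Strip an XML namespace prefix such as '{uri}bean' down to 'bean'."""
    return tag.rsplit("}", 1)[-1]


def find_truststore_overrides(xml_text, path_exists=os.path.isfile):
    """Return one finding per active trustStore property in a bean file.

    The XML parser drops comments, so a commented-out property is not
    reported; only settings that are actually in effect show up.
    """
    findings = []
    for bean in ET.fromstring(xml_text).iter():
        if _local(bean.tag) != "bean":
            continue
        for prop in bean:
            if _local(prop.tag) != "property" or prop.get("name") != "trustStore":
                continue
            # Accept both value="..." and a nested <value>...</value> child.
            path = prop.get("value") or (prop.findtext("*") or "").strip()
            findings.append({
                "bean": bean.get("id") or bean.get("class"),
                "path": path,
                "exists": path_exists(path),
            })
    return findings


if __name__ == "__main__":
    for f in find_truststore_overrides(SAMPLE_SECURITY_XML):
        state = "present" if f["exists"] else "MISSING on this host"
        print(f"{f['bean']}: trustStore={f['path']} ({state})")
```

A path that exists can still lack the CAS server's certificate; `keytool -list -keystore <path>` lists the entries the file actually holds.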

I am also facing the same problem. I integrated Roller with CAS and LDAP as login provider. If I give the correct LDAP username and password, it redirects to the error page. If anyone has a solution, please help me.

Posted by sathyamoorthy on May 26, 2009 at 03:38 AM MDT #

Matt Raible is a Web Architecture Consultant specializing in open source frameworks.