I'm trying to apply OpenAM to our Web Applications for SSO.
From the last month I got familiar with OpenAM, so I thought that I'm almost getting to the end.
But another constraint has arisen.
One Application has deeper dependency to Winstone Servlet Container, but it's not on OpenAM's Java EE Agents lists.
My solution was 'Using Apache Web Server : Apache+Winstone', but my colleague rejected my suggestion.
Is there any other solution for OpenAM+Winstone?
(I could not find it with Googling. In fact I didn't know Winstone itself until my colleague said that.)
If you don't need J2EE security in your application you could just use the 'servlet-filter' part of the 'J2EE Agent' filter (e.g. Tomcat Agent). You just need to specify a JVM option to point to the boostrap directory and add the agent libs to the classpath.
Related
I deployed a portlet in liferay 7 and it got deployed successfully and was available for use. I want to replace the jsp file, in earlier version I could see my application in tomcat/webapps folder and replace it quickly.
Now I am unable to locate the exploded war in liferay 7. I can only see the war in osgi/war folder.
Can someone help me with that.
Thanks in advance.
While I mostly agree with what Olaf wrote, I do understand the need to be able to make changes in JSP files and try them quickly during development. I'm afraid I don't have the solution for that yet.
However, let me answer the question you asked:
where is war exploded in Liferay 7 tomcat after getting copied in osgi folder
It is NOT (at least not the way it was done by application servers)! When you deploy a WAR file in Liferay 7, it will automatically (on the fly) convert it into OSGi bundle and install it in OSGi runtime. This way now Liferay is fully in charge of deploying plugins and does not need to rely on various application servers.
PLEASE NOTE: Every bundle has it's own state folder. In Liferay those are in <LIFERAY_HOME>/osgi/state. If you know the bundle ID you can easily find it. It may be (I haven't checked) that you'll find some JSP files there. The reason I'm writing this is to warn you (in case you figured it yourself) to NEVER modify bundle's state folder manually. Doing so may brake the whole environment. In worse case scenario you may have to redeploy everything in clean environment.
You should not rely on behavior like this. In previous versions it was the task of the application server to compile changed JSPs at runtime. However, this is bad practice in production systems and totally screws up your maintainability. If you need to update some UI code frequently, I'm suggesting you change your implementation to utilize ADT (Application Display Templates), e.g. through Freemarker or Velocity. Those are meant to be updated at runtime, where the JSP updates were a side effect of Tomcat's default (development friendly, production hostile) configuration
I am looking for an Opensource lightweight IAM to be used in development as a substitute for the real commercial IAM in production. Something with basic IAM functionalities, easy to install & easily configured to inject HTTP headers like user group.
Is OpenAM a good option? Any recommendations?
OpenAM comes from a very good pedigree...is forked from OpenSSO which is open-sourced code from the original SUN Access Manager product. OpenSSO was abandoned by Oracle after the Sun acquisition, so another company took it over and promoted a developer community around it.
Overall its a good choice for your requirements; that is:
Production-ready - yes, this version and previous versions have been used in production implementations
basic IAM functionality - it contains basic web access management functions and more than a few advanced features.
Inject HTTP headers - Yes, this is a standard function among web access management products.
In the past, a limitation with OpenAM/OpenSSO is that it required Sun Directory as the configuration store; however, this has changed with recent releases allowing other directories to be used.
Expect that installation and configuration of OpenAM to be rather command-line intensive; that is, with a minimal package installation and then options set in config files or thru utilities.
Hope that helps...
I have to deploy a war to a tomcat but I cannot modify anything outside the war itself.
Now I need to add authentication and authorization to the application.
The basic authentication would be enough but I cannot edit the tomcat-user.xml file, nor I can depend on absoulute paths as suggestend here: How do I provide basic http authentication for static tomcat webapps without changing tomcat-users.xml?
I just need to use a single user/password that can be configured in a file inside the war (it's a simple application with short lifetime and really low security requirements).
What is the simplest way to do this?
Thanks
Andrea
I seems that a solution is to use spring security with basic authentication.
See: Spring Security HTTP Basic Authentication
In my original case I didn't want to include spring security but I still don't know any other way to obtain this result.
I am trying to deploy the Liferay portal onto the Eclipse Virgo Web Server and haven't had much luck. I have at least solved two of the problems involved in this process:
1) The portal.jar that is part of the liferay dependencies has a malformed manifest. The Bundle-SymbolicName incorrectly sets the value to "JSR 286" when it should be "JSR286" (no space). Also, the Import-Package has a bunch of spaces/tabs and I removed those. That took care of problem 1.
2) The Virgo web server wasn't finding the liferay dependency jars (at least not where I was putting them), so I just stuck the dependencies into the main liferay.WAR and that has gotten rid of all the error messages.
Unfortunately, this didn't solve the overall problem. Perhaps there are other issues, but Virgo is not reporting any errors.
I've looked on both the Liferay and Virgo forums, but no one seems to have an answer to this, so I'm hoping someone here has had more success than me. If so, please let me know what you tried to get it to work.
A little more detail: I used the liferay-portal-6.0.5 WAR that is not bundled with an app server. And, I'm using Virgo 2.1.0.
Thanks,
David
I got it! http://sourceforge.net/projects/liferayforvirgo. But Virgo 3.6.0.RELEASE demonstrates too low performance and the couple Liferay+Virgo is not able to use for production
Has anybody seen a framework which is either written to work with Guice or a library that integrates an existing security system (ie: Acegi) with Guice?
I have found the following thus far...
http://code.google.com/p/warp-security/ (I think this abandonware)
http://code.google.com/p/warp-security/ (no documentation)
Apache Shiro 1.2 and later has native support for Guice applications:
http://shiro.apache.org/guice.html
HTH!
For whatever it's worth (being quite a late answer), I've had success integrating Apache Shiro with Guice. Last time I checked, Acegi was too deeply dependent on Spring to be usable in a pure Guice solution. Shiro's documentation is a little lacking, but the API is pretty straight-forward and easy to use, if don't mind a little digging.
In case it's of any interest, I've posted a Gist of the simplest example I could find. Two caveats:
It's written against a pre-release version of Shiro 1.0
The Active Directory realm we're using is a somewhat modified version from the main Shiro source, using some ideas from the Active Directory plugin for Jenkins (then Hudson).
Hopefully, it's enough to get you started...