Tomcat SSO

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
3 messages Options
Reply | Threaded
Open this post in threaded view
|

Tomcat SSO

James Yong-2
Hi all,

I would like to propose using the Single Sign On mechanism in Tomcat.
Once implemented, there is no necessity for the externalLoginKey,
or to indicate "intra-app" to target-type attribute.

Any issue before i start working on a POC?

Regards,
James Yong
Reply | Threaded
Open this post in threaded view
|

Re: Tomcat SSO

Jacques Le Roux
Administrator
Hi James,

I was not aware of this feature. I just read https://tomcat.apache.org/tomcat-8.0-doc/config/host.html#Single_Sign_On

I see no reasons why a POC would be refused.

Jacques


Le 05/05/2017 à 11:12, James Yong a écrit :

> Hi all,
>
> I would like to propose using the Single Sign On mechanism in Tomcat.
> Once implemented, there is no necessity for the externalLoginKey,
> or to indicate "intra-app" to target-type attribute.
>
> Any issue before i start working on a POC?
>
> Regards,
> James Yong
>

Reply | Threaded
Open this post in threaded view
|

Re: Tomcat SSO

taher
In reply to this post by James Yong-2
I've been contemplating this for a while, but it is not an easy task.
Essentially, we need to fully refactor the Catalina Container and do a lot
of cleanup to reverse the way OFBiz is deployed to be a single web
application, not multiple web applications mapped to a single servlet
container as is the architecture at the moment.

For this to happen, we need to do many things:
1- Complete the refactoring of all containers to get the new signature of
OfbizCommand argument list
2- Redesign the container so that everything is loaded once as a single
webapp through one master servlet. This would have the advantage of being
able to deploy OFBiz as a single WAR archive to be deployed in any servlet
container
3- Redesign all components (if needed) to comply with this new architecture

This is one of the things I've been dabbling with lately, but it's bigger
than I expected. The code in the catalina container is very spaghetti like
at the moment.

So, I would say it's a good idea, but needs lots of cleanup / refactoring
work first if you want to have a good chance of succeeding in
implementation. Without a proper cleanup you might get a bit overwhelmed in
trying to navigate the code maze :) So good luck.

On Fri, May 5, 2017 at 12:12 PM, James Yong <[hidden email]> wrote:

> Hi all,
>
> I would like to propose using the Single Sign On mechanism in Tomcat.
> Once implemented, there is no necessity for the externalLoginKey,
> or to indicate "intra-app" to target-type attribute.
>
> Any issue before i start working on a POC?
>
> Regards,
> James Yong
>