wasabi3689
asked on
Sun Access Manager - Single Sign-on set up
I just installed Sun Java Enterprise System 5 with Access Manager 7.1. I want to do two simple testing for the Single Sign-On. I create a two-page website with a login hosted in Sun Web Server 7.0. When I open this website, I want it automatically redirect to Access Manager to check the identity. Once the identity checking pass, Access Manager will redirect back to the website and open the login.
I browse all the documentation from Sun and other forum. I still cannot figure out the configuration. Here it's my problems
1. I try to deploy php application to Sun Web server, it seems not accepted
2. how to configure agent in web server or application server? and generate a key
3. How to configure the website into Access Manager to authenticate it?
I browse all the documentation from Sun and other forum. I still cannot figure out the configuration. Here it's my problems
1. I try to deploy php application to Sun Web server, it seems not accepted
2. how to configure agent in web server or application server? and generate a key
3. How to configure the website into Access Manager to authenticate it?
ASKER
I read the http://developers.sun.com/identity/reference/techart/sso.html before and tried it but it still complex. I want something simple and straigh forward for the setup.
Unfortunately, there really isn't anything simple for single-sign-on. That's why it has only recently become
a reality. Authentication on the server is much easier. Do you really need the full scale SSO? Figuring out
what you really need is the first step towards figuring out the solution. Perhaps there is a simpler solution
that will still fit your needs.
a reality. Authentication on the server is much easier. Do you really need the full scale SSO? Figuring out
what you really need is the first step towards figuring out the solution. Perhaps there is a simpler solution
that will still fit your needs.
ASKER
Here it's what I want.
I want to create a SSO system so that the users are no need to login more than once if they want to open different websites
These websites are hosted either in apache server or tomcat and they are developed either by php, java...
Now the problem is when a user clicks on a site, he needs to input his user name and password, then when he opens another site, he needs to do again.
With the SSO, users just need to input login once.
what is the simple solution?
I want to create a SSO system so that the users are no need to login more than once if they want to open different websites
These websites are hosted either in apache server or tomcat and they are developed either by php, java...
Now the problem is when a user clicks on a site, he needs to input his user name and password, then when he opens another site, he needs to do again.
With the SSO, users just need to input login once.
what is the simple solution?
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
hi blu,
Please tell me simple solution if I don't really need the solution to be secure. How can I do that?
Please tell me simple solution if I don't really need the solution to be secure. How can I do that?
Just set a cookie. Use a cgi-script to set up the cookie, and then read the cookie from the other applications.
ASKER
Do you have sample code?
Nope, sorry. But it would be pretty simple. Present a form that asked for a password and account. Then encode the information
about the user account into a cookie and return it to the browser. Then on all you applications, simply look for that cookie and use the account info from there. This is the method that was originally used by various sites, and still used to recall preferences, but it is not at all secure, since once the coding in the cookie is cracked, anybody could impersonate anybody else.
about the user account into a cookie and return it to the browser. Then on all you applications, simply look for that cookie and use the account info from there. This is the method that was originally used by various sites, and still used to recall preferences, but it is not at all secure, since once the coding in the cookie is cracked, anybody could impersonate anybody else.
ASKER
Here it what I plan.
I plan to create a standard login module for every application (php, java, jsp...etc). Then every applcation used this standard login module.
The form include two input field user name and password and a submit button. But can you tell me more specific how to look for the cookie... how to code this part? or a link for this method for a reference
I plan to create a standard login module for every application (php, java, jsp...etc). Then every applcation used this standard login module.
The form include two input field user name and password and a submit button. But can you tell me more specific how to look for the cookie... how to code this part? or a link for this method for a reference
You mentioned PHP in the original question, so I am going to assume that you are using it. Read this:
http://docs.php.net/manual/en/features.cookies.php
http://docs.php.net/manual/en/features.cookies.php
http://developers.sun.com/identity/reference/techart/sso.html
The setup you describe is pretty complex. A better choice for help on your specific problem is probably at http://forum.java.sun.com