公司采用Josso作为各个应用的统一登录接口,目前已经集成多个系统。将Josso和应用分别放在不同的Tomcat Server上并实现通讯。这样开发人员就只需要跑本地应用,应用连接远程服务器上的josso服务进行登录认证,节省了开发流程和开发时间。
本文假设服务器的josso gateway已经正确配置,下面讲述如何在本地配置agent。
- 下载josso http://www.josso.org,解压后安装josso agent。
cd josso-1.8.5/bin ./josso-gsh
进入josso installer程序
josso> agent install --target /usr/local/tomcat6 --platform tc60
- 修改josso-agent-config.xml配置,tomcat6在lib目录下
将其中的gatewayLoginUrl,gatewayLogoutUrl,gatewayServiceLocator改成远程地址,并把自己的应用添加到agent:partner-apps。如下:
<?xml version="1.0" encoding="UTF-8" ?>
<s:beans xmlns:s="http://www.springframework.org/schema/beans"
xmlns:tc60="urn:org:josso:agent:tomcat60"
xmlns:agent="urn:org:josso:agent:core"
xmlns:protocol="urn:org:josso:protocol:client"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
urn:org:josso:agent:tomcat60 http://www.josso.org/schema/josso-tomcat60-agent.xsd
urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd
urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd">
<tc60:agent name="josso-tomcat60-agent" sessionAccessMinInterval="1000" >
<!-- Gateway LOGIN and LOGOUT URLs -->
<gatewayLoginUrl>http://192.168.1.245:8180/josso/signon/login.do</gatewayLoginUrl>
<gatewayLogoutUrl>http://192.168.1.245:8180/josso/signon/logout.do</gatewayLogoutUrl>
<!-- Gateway service locator -->
<gatewayServiceLocator>
<!-- Other properties for ws-service-locator :
username, password, servicesWebContext, transportSecurity
-->
<protocol:ws-service-locator endpoint="192.168.1.245:8180" />
</gatewayServiceLocator>
<configuration>
<agent:agent-configuration>
<agent:partner-apps>
<!-- Simple definition of a partner application -->
<agent:partner-app id="MySimplePartnerApp" context="/simple-partnerapp"/>
<agent:partner-app id="Portal" context="/portal" />
<agent:partner-app id="MyPartnerApp1" context="/partnerapp" defaultResource="/index.jsp">
<!--
<security-context-propagation>
<agent:security-context-propagation-config
binding="HTTP_HEADERS"
userPlaceHolder="currentLoginName"
rolesPlaceHolder="currentUserRoles"/>
</security-context-propagation>
-->
</agent:partner-app>
</agent:partner-apps>
</agent:agent-configuration>
</configuration>
<!--
<automaticLoginStrategies>
<agent:bot-automaticlogin-strategy mode="REQUIRED" />
<agent:urlbased-automaticlogin-strategy mode="REQUIRED">
<ignoredUrlPatterns>
<value>regex1</value>
<value>regex2</value>
</ignoredUrlPatterns>
</agent:urlbased-automaticlogin-strategy>
<agent:default-automaticlogin-strategy mode="REQUIRED" />
</automaticLoginStrategies>
-->
</tc60:agent>
</s:beans>
如何配置Eclipse中的Tomcat Server连接远程Josso
拷贝conf/server.xml并覆盖Eclipse中Tomcat Server的配置文件
给Tomcat启动添加JVM参数-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf"
- 右键点击Tomcat Server,选择Open
- 点击Open launch configuration
- 选择Arguments标签
- 在VM arguments中增加-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf" 参数