公司采用Josso作为各个应用的统一登录接口,目前已经集成多个系统。将Josso和应用分别放在不同的Tomcat Server上并实现通讯。这样开发人员就只需要跑本地应用,应用连接远程服务器上的josso服务进行登录认证,节省了开发流程和开发时间。
本文假设服务器的josso gateway已经正确配置,下面讲述如何在本地配置agent。
- 下载josso http://www.josso.org,解压后安装josso agent。
cd josso-1.8.5/bin ./josso-gsh
进入josso installer程序
josso> agent install --target /usr/local/tomcat6 --platform tc60
- 修改josso-agent-config.xml配置,tomcat6在lib目录下
将其中的gatewayLoginUrl,gatewayLogoutUrl,gatewayServiceLocator改成远程地址,并把自己的应用添加到agent:partner-apps。如下:
<?xml version="1.0" encoding="UTF-8" ?> <s:beans xmlns:s="http://www.springframework.org/schema/beans" xmlns:tc60="urn:org:josso:agent:tomcat60" xmlns:agent="urn:org:josso:agent:core" xmlns:protocol="urn:org:josso:protocol:client" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd urn:org:josso:agent:tomcat60 http://www.josso.org/schema/josso-tomcat60-agent.xsd urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd"> <tc60:agent name="josso-tomcat60-agent" sessionAccessMinInterval="1000" > <!-- Gateway LOGIN and LOGOUT URLs --> <gatewayLoginUrl>http://192.168.1.245:8180/josso/signon/login.do</gatewayLoginUrl> <gatewayLogoutUrl>http://192.168.1.245:8180/josso/signon/logout.do</gatewayLogoutUrl> <!-- Gateway service locator --> <gatewayServiceLocator> <!-- Other properties for ws-service-locator : username, password, servicesWebContext, transportSecurity --> <protocol:ws-service-locator endpoint="192.168.1.245:8180" /> </gatewayServiceLocator> <configuration> <agent:agent-configuration> <agent:partner-apps> <!-- Simple definition of a partner application --> <agent:partner-app id="MySimplePartnerApp" context="/simple-partnerapp"/> <agent:partner-app id="Portal" context="/portal" /> <agent:partner-app id="MyPartnerApp1" context="/partnerapp" defaultResource="/index.jsp"> <!-- <security-context-propagation> <agent:security-context-propagation-config binding="HTTP_HEADERS" userPlaceHolder="currentLoginName" rolesPlaceHolder="currentUserRoles"/> </security-context-propagation> --> </agent:partner-app> </agent:partner-apps> </agent:agent-configuration> </configuration> <!-- <automaticLoginStrategies> <agent:bot-automaticlogin-strategy mode="REQUIRED" /> <agent:urlbased-automaticlogin-strategy mode="REQUIRED"> <ignoredUrlPatterns> <value>regex1</value> <value>regex2</value> </ignoredUrlPatterns> </agent:urlbased-automaticlogin-strategy> <agent:default-automaticlogin-strategy mode="REQUIRED" /> </automaticLoginStrategies> --> </tc60:agent> </s:beans>
如何配置Eclipse中的Tomcat Server连接远程Josso
拷贝conf/server.xml并覆盖Eclipse中Tomcat Server的配置文件
给Tomcat启动添加JVM参数-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf"
- 右键点击Tomcat Server,选择Open
- 点击Open launch configuration
- 选择Arguments标签
- 在VM arguments中增加-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf" 参数