JForum預設cookie-based的sso.implementation是net.jforum.sso.CookieUserSSO,但是原始碼並沒有這個CookieUserSSO類別,所以如果我們照著
文件做會失敗。
在此附上一份經過實際測試沒有問題的CookieUserSSO.java及CookieUserSSO.class檔,如果您的需求是很單純的用Cookie來作Single Sign-On,則下載後重新編譯,將編譯後的class檔放到WEB-INF/classes/net/jforum/sso目錄下,然後重新載入JForum即可。
package net.jforum.sso;
import javax.servlet.http.Cookie;
import net.jforum.context.RequestContext;
import net.jforum.JForumExecutionContext;
import net.jforum.ControllerUtils;
import net.jforum.entities.UserSession;
import net.jforum.util.preferences.ConfigKeys;
import net.jforum.util.preferences.SystemGlobals;
import org.apache.log4j.Logger;
public class CookieUserSSO implements SSO {
static final Logger logger = Logger.getLogger(CookieUserSSO.class.getName());
public String authenticateUser(RequestContext request) {
// myapp login cookie, contain logged username
Cookie myCookie = ControllerUtils.getCookie(
SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER));
String username = null;
if (myCookie != null) {
username = myCookie.getValue();
}
return username; // jforum username
}
public boolean isSessionValid(UserSession userSession, RequestContext request) {
Cookie SSOCookie = ControllerUtils.getCookie(
SystemGlobals.getValue(ConfigKeys.COOKIE_NAME_USER)); // myapp login cookie
String remoteUser = null;
if (SSOCookie != null) {
remoteUser = SSOCookie.getValue(); // jforum username
}
// user has since logged out
if(remoteUser == null &&
userSession.getUserId() != SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has since logged in
} else if(remoteUser != null &&
userSession.getUserId() == SystemGlobals.getIntValue(ConfigKeys.ANONYMOUS_USER_ID)) {
return false;
// user has changed user
} else if(remoteUser != null && !remoteUser.equals(userSession.getUsername())) {
return false;
}
return true; // myapp user and forum user the same
}
}
另外,還要設定一下jforum-custom.conf,設定範例如下:
authentication.type=sso
sso.implementation=net.jforum.sso.CookieUserSSO
sso.redirect=http://member.andowson.com/login.jsp
cookie.name.user=username
紅色字體部分即是您需要依您實際狀況修改的地方,例如上面的例子意思是您的會員登入是在member.andowson.com控管,而login.jsp在驗證完畢後,會寫入一個username的cookie(domain需是andowson.com),並讀出returnUrl參數來導回到原來的網址去。
參考資料:
http://www.jforum.net/posts/list/3619.page
![[Logo]](/templates/default/images/spacer.gif)
![[Search]](/templates/default/images/icon_mini_search.gif){kind=icon}
![[Recent Topics]](/templates/default/images/icon_mini_recentTopics.gif){kind=icon}
![[Members]](/templates/default/images/icon_mini_members.gif){kind=icon}
![[Groups]](/templates/default/images/icon_mini_groups.gif){kind=icon}
![[Register]](/templates/default/images/icon_mini_register.gif){kind=icon}
![[Login]](/templates/default/images/icon_mini_login.gif){kind=icon}
![[Post New]](/templates/default/images/icon_minipost_new.gif){kind=icon}
![[Up]](/templates/default/images/icon_up.gif){kind=icon}
![[Avatar]](/images/avatar/c81e728d9d4c2f636f067f89cc14862c.jpg)
![[Disk]](/templates/default/images/icon_disk.gif){kind=icon}
![[WWW]](/templates/default/images/icon_www.gif){kind=icon}
![[MSN]](/templates/default/images/icon_msnm.gif){kind=icon}
![[Avatar]](/images/avatar/c51ce410c124a10e0db5e4b97fc2af39.jpg)
