josso agent配置以及Eclipse中的Tomcat Server连接远程Josso

公司采用Josso作为各个应用的统一登录接口，目前已经集成多个系统。将Josso和应用分别放在不同的Tomcat Server上并实现通讯。这样开发人员就只需要跑本地应用，应用连接远程服务器上的josso服务进行登录认证，节省了开发流程和开发时间。

本文假设服务器的josso gateway已经正确配置，下面讲述如何在本地配置agent。

1. 下载josso http://www.josso.org，解压后安装josso agent。

   cd josso-1.8.5/bin
   ./josso-gsh
   

进入josso installer程序

josso> agent install --target /usr/local/tomcat6 --platform tc60

1. 修改josso-agent-config.xml配置，tomcat6在lib目录下

将其中的gatewayLoginUrl，gatewayLogoutUrl，gatewayServiceLocator改成远程地址，并把自己的应用添加到agent:partner-apps。如下：

<?xml version="1.0" encoding="UTF-8" ?>
 

<s:beans xmlns:s="http://www.springframework.org/schema/beans"
         xmlns:tc60="urn:org:josso:agent:tomcat60"
         xmlns:agent="urn:org:josso:agent:core"
         xmlns:protocol="urn:org:josso:protocol:client"
         xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xsi:schemaLocation="http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans-2.5.xsd
         urn:org:josso:agent:tomcat60 http://www.josso.org/schema/josso-tomcat60-agent.xsd
         urn:org:josso:agent:core http://www.josso.org/schema/josso-agent.xsd
         urn:org:josso:protocol:client http://www.josso.org/schema/josso-protocol-client.xsd">

    <tc60:agent name="josso-tomcat60-agent" sessionAccessMinInterval="1000" >

        <!-- Gateway LOGIN and LOGOUT URLs -->
        <gatewayLoginUrl>http://192.168.1.245:8180/josso/signon/login.do</gatewayLoginUrl>
        <gatewayLogoutUrl>http://192.168.1.245:8180/josso/signon/logout.do</gatewayLogoutUrl>

        <!-- Gateway service locator -->
        <gatewayServiceLocator>
            <!-- Other properties for ws-service-locator :
            username, password, servicesWebContext, transportSecurity
            -->
  <protocol:ws-service-locator endpoint="192.168.1.245:8180" />
        </gatewayServiceLocator>

        <configuration>
            <agent:agent-configuration>

                
                <agent:partner-apps>

                    <!-- Simple definition of a partner application -->
                    <agent:partner-app id="MySimplePartnerApp" context="/simple-partnerapp"/>

                    <agent:partner-app id="Portal" context="/portal" />
		
		    
		
                    <agent:partner-app id="MyPartnerApp1" context="/partnerapp" defaultResource="/index.jsp">

                         <!--
                        <security-context-propagation>
                            <agent:security-context-propagation-config
                                binding="HTTP_HEADERS"
                                userPlaceHolder="currentLoginName"
                                rolesPlaceHolder="currentUserRoles"/>
                        </security-context-propagation>
                        -->
                    </agent:partner-app>

                </agent:partner-apps>

            </agent:agent-configuration>


        </configuration>

         
       

		 
		<!--
		<automaticLoginStrategies>
			<agent:bot-automaticlogin-strategy mode="REQUIRED" />
			<agent:urlbased-automaticlogin-strategy mode="REQUIRED">
				<ignoredUrlPatterns>
					<value>regex1</value>
					<value>regex2</value>
				</ignoredUrlPatterns>
			</agent:urlbased-automaticlogin-strategy>
			<agent:default-automaticlogin-strategy mode="REQUIRED" />
		</automaticLoginStrategies>
		-->
		
    </tc60:agent>

</s:beans>

  

如何配置Eclipse中的Tomcat Server连接远程Josso

 

拷贝conf/server.xml并覆盖Eclipse中Tomcat Server的配置文件

给Tomcat启动添加JVM参数-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf"

1. 右键点击Tomcat Server，选择Open
2. 点击Open launch configuration
3. 选择Arguments标签
4. 在VM arguments中增加-Djava.security.auth.login.config="/usr/local/tomcat6/conf/jaas.conf" 参数