Friday, February 15, 2008

Wednesday, February 6, 2008

Single SignOn (SSO) with Seam using JOSSO

I recently used seam_gen to create a josso_console application. If you want to use JOSSO, but you don't yet want to take the leap to hook it up to an LDAP or other industrial strength credential store, then this is the app may come in handly. Figure 1 shows the welcome screen of josso_console application.


Figure 1. The JOSSO console.

If your objective is simply to hook your Seam application up to JOSSO then you should keep reading too.

1. Seam and JAAS
Seam comes with its own security framework which is based on JAAS. The easiest way to hook Seam up to JOSSO is to first configure your Seam-based application the conventional JOSSO way and then hooking up Seam and JOSSO using a Seam authenticator. I worked on a jossoAuthenticator that will set the SSO user and roles information into Seam context, so that you can use all the Seam security features while using JOSSO.

2. Configure JOSSO
In your josso-agent-config.xml add the josso_console in as a partner app


Now your application will have access to the JOSSO cookie.

3. Configure Seam
Next we're going to protect our application using the standard security constraints to the web.xml. For instance if we only want users that have the admin role to access our console you would add


This web.xml references the login-redirect.jsp which you will need to add to the root of your war file. Now, you will be redirected to the josso login screen when trying to access the web application.

Next we have to propagate the authorization information into Seam context. For this we use the jossoAuthenticator.
Next you need to reference this class in your pages.xml, by adding

and commenting out the default authenticator

Finally we need to modify the pages.xml, where we reference the jossoAuthenticator on our welcome page (index.xhtml) like

which will cause the jossoAuthenticator.checkLogin to be called for this page, and in the exception class configuration we specify the index.xhtml page


All should now be working. If you want, you can obtain the full sources from the josso_console application to see the complete application.

Some other resources in this context you may find useful are:
http://www.josso.org/confluence/display/JOSSO1/JBoss+4.2
http://sdudzin.blogspot.com/2007/12/windows-sso-with-jboss-seam.html, and
http://www.ja-sig.org/wiki/display/CASC/Seam+Identity+Integration+(Seam+1.2.1+-+2.0.0)

Tuesday, February 5, 2008

Sony Vaio VGN-FS740/W Battery Problem

The battery on my wife's computer would no longer hold a charge and it was time to replace it. We replaced it with a generic brand battery (little more then $100). It charged fine, but then while it was running a message would suddenly pop up, saying that the battery was not inserted correctly and that it had to switch to hibernate mode. The battery light would flash rapidly after this, and it would never come back long or it would go hibernate again. Re-seating the battery had no effect. It turns out that Sony truly has turned evil. They are running a little service that checks whether the battery is a Sony battery ($300!), and if it is not then it kicks into action and sends your machine into hibernation!

After some digging I found this article, and the fix is easy, the service is called ISBMgr and to get rid of it permanently fire up msconfig like so


go to the startup tab and uncheck the ISBMgr.



Now when you restart it will ask you if you knew that some services where changed, just say yes and it will never bother you again.

Bad Sony. No more Sony for me..