| Creation Date: | October 20, 2003 |
| Status: | Version 5 |
| Version: | PDK Release 2, (9.0.4.0.2 and later) |
This document describes how you can use the PDK-Java and mod_osso to integrate a partner application with OracleAS Portal. A partner application is a web based application that shares the same Single Sign-On (SSO) Server as OracleAS Portal for its authentication. This means that when a user is already logged into OracleAS Portal, their identity can be asserted to the partner application without them having to log in again.
For even tighter integration with OracleAS Portal, a partner application can be exposed as a web provider using the PDK-Java, so that it may be accessed from a portlet on a OracleAS Portal page. This document demonstrates this style of integration by looking at an example web application, "Flights of Fancy", and describing how its integration with OracleAS Portal is performed. The Flights of Fancy application displays a list of flights for a user and provides links to display the details of a flight.
The Flights of Fancy application consists of two pages, a summary page listing a number of flights and a detail page showing details of a specific flight. Clicking of the flight number takes you from the summary page to the detail page. When integrated with OracleAS Portal the summary page is exposed as a portlet and clicking on the flight number in the portlet takes you from the portal to the Flight of Fancy application where the detailed page is displayed without requiring the user to login. This type of link that takes a user from Portal to an application is known as a "deep link".
The above image shows the summary page of the Flight of Fancy Applications.
This section contains instructions for installing the Flights of Fancy sample partner application.
Note: This sample requires that the JPDK is installed in an OracleAS HTTP Server associated with an OracleAS infrastructure. This may be (but need not necessarily be) the same OracleAS HTTP Server that serves as the mid tier for an OracleAS Portal. For more details on how to associate an OracleAS HTTP Server with an OracleAS Infrastructure, consult the Oracle Application Server Administrator's Guide.
Follow the instructions in Installing the PDK-Java Framework and Samples to install PDK-Java in an existing OracleAS installation.
Start OracleAS HTTP Server
Test your provider is configured correctly by trying to access its test page in a browser, through a URL of the form http://<host>:<port>/jpdk/providers/partner. If you do not see a web provider test page that mentions a single portlet called PartnerFlightPortlet, then carefully review all the previous configuration steps.
Ensure that the configuration file mod_osso.conf is being read by OracleAS HTTP Server. Edit $ORACLE_HOME/Apache/Apache/conf/httpd.conf and make sure the following line is not commented out.
include "$ORACLE_HOME/Apache/Apache/conf/mod_osso.conf"
Add SSO authentication to servlet requests by modifying the file $ORACLE_HOME/Apache/Apache/conf/mod_osso.conf and add the following:
<Location /jpdk/servlet/PartnerAppFlights>
AuthType Basic
require valid-user
</Location>
You may want to switch off IP checking for mod_osso to make access to the site easier if your customers use proxy settings in their browsers
OssoIpCheck off
From the Portlets sub-tab of the Administer tab on the OracleAS Portal Home Page, click on Register a Provider within the portlet called Remote Providers.
Register with the following parameters:
The user has the same identity in the Web providers application as in the Single Sign-On identity
Click Finish
Add the provider's portlet to a page and view the page.
The portlet should display a list of flights. When you click on one of the flight links, you are redirected to the stand alone version of the Flights of Fancy application. However, because it shares the same SSO server as the OracleAS Portal, the application will trust your identity without requiring you to log in.
This section takes a look at how the Flights of Fancy application is implemented.
The complete Java source code for this example partner application is included in src.zip in the PDK-Java distribution, under the directory oracle/portal/sample/v2/devguide/partnerApp. The files are:
In a partner application, the application URLs that are considered secure should perform an application specific security check to determine whether a user has been authenticated. This security checks are performed in two different ways. When the application is being called as a stand alone servlet, perhaps through one of the 'deep links' in the portlet, it is protected by mod_osso, which checks if the user is logged on and if not prompts the user for a username/password. When called as a portlet, the provider does a check to verify that the user is logged on.
The entry point to the "Flights of Fancy" application when it is called from inside the OracleAS Portal is the renderBody() method in the FlightRenderer class. The entry point to the "Flights of Fancy" application from outside the OracleAS Portal is the doGet() method in the PartnerServlet class, which in turn delegates to FlightRenderer.
The class FlightRenderer does most of the work for this sample. In this class there are two main methods which handle requests from OracleAS Portal or a servlet request. The only real difference between these methods is how they extract information from the request. These methods are described below.
process(HttpServletRequest req, HttpServletResponse res) a servlet request
| Revision History: |
|
| Oracle Corporation World Headquarters 500 Oracle Parkway Redwood Shores, CA 94065, USA http://www.oracle.com/ |
Worldwide Inquiries: 1-800-ORACLE1 Fax 650.506.7200 |
Copyright and Corporate Info |