users@glassfish.java.net

Re: Cookie handling in GlassFishv3

From: Major Péter <majorpetya_at_sch.bme.hu>
Date: Wed, 10 Feb 2010 22:46:28 +0100

Hi,

<OFF>
I've not done everything like you did for a first blick. I wanted to
write a full walkthrough on how to install an agent on GFv3, but didn't
had much time to do so. In the next few days I'm gonna try to write my
thoughts down, and gonna be back with that later. But if you're need
more info about it, feel free to contact me on my e-mail address.

Anyways, I guess this part of the discussion is not GlassFish related,
so I'm going to post my answer on OpenSSO mailing list instead.
</OFF>

What's related:
<ON>
I still don't understand why does the agent works with GFv2, but not
with GFv3.
Note:
If the issue would appear with GFv2, then the agent wouldn't work at
all, since the cookie values are not matching.
</ON>

Best Regards,
Peter

2010-02-10 22:30 keltezéssel, glassfish_at_javadesktop.org írta:
> Peter,
>
> It seems I am following in your footsteps: Trying to get an agent running with an application on Glassfish v3, where our OpenSSO server is deployed on Glassfish 2.1.1
>
> Thank you for identifying the cookie encoding work-around. For others, here is what I did to enable it on the OpenSSO console:
>
> Configuration->Servers and Sites->(select your site)->Security
>
> Click on "Inheritance Settings" and uncheck "Encode Cookie Value". Save
>
> Back to Server Profile
> Cookie
>
> Check "yes" for Encode Cookie Value. Save.
>
> Restart the opensso domain
>
>
>
> What changes did you make to get the agent installed?
>
> I did this:
>
> add to domain.xml:
>
> -bash-3.00$ diff domain.xml domain.xml.before_opensso
> 88,91c88
> < <security-service audit-enabled="true" default-realm="agentRealm">
> < <auth-realm classname="com.sun.identity.agents.appserver.v81.AmASRealm" name="agentRealm">
> < <property name="jaas-context" value="agentRealm" />
> < </auth-realm>
> ---
>> <security-service>
> 173,174d169
> < <jvm-options>-DLOG_COMPATMODE=Off</jvm-options>
> < <jvm-options>-Djava.util.logging.config.file=/var/glassfish/domains/s2/lib/classes/OpenSSOAgentLogConfig.properties</jvm-options>
> 211c206
> < </domain>
> ---
>> </domain>
>
>
> diff login.conf login.conf.before_opensso
> 22,25d21
> < agentRealm {
> < com.sun.identity.agents.appserver.v81.AmASLoginModule required;
> < };
> <
>
> Then I copied all the opensso agent .jar files to:
>
> <domaindir>/lib
>
> And all the opensso agent .properties and .txt files to:
>
> <domaindir>/lib/classes
>
> -bash-3.00$ ls -1 lib
> agent.jar
> applibs
> classes
> databases
> ext
> openssoclientsdk.jar
> -bash-3.00$
> -bash-3.00$
> -bash-3.00$ ls -1 lib/classes
> CompositeAdviceForm.txt
> FormLoginContent.txt
> OpenSSOAgentBootstrap.properties
> OpenSSOAgentConfiguration.properties
> OpenSSOAgentLogConfig.properties
> PortCheckContent.txt
> WSAuthErrorContent.txt
> WSInternalErrorContent.txt
> amAgentCore.properties
> amAgentLog.properties
> amFilter.properties
> amRealm.properties
> amToolsMessages.properties
> amWebPolicy.properties
> as81Tools.properties
> asTools.properties
>
> And you need to edit OpenSSOAgentBootstrap.properties
>
> Have you found anything more?
> [Message sent by forum member 'objectswitch' (public_at_peapod.net)]
>
> http://forums.java.net/jive/thread.jspa?messageID=385970