5.7.4.3. Set up the portal to redirect to JOSSO

The next part of the process redirects all user authentication to the JOSSO server.

Information about where the JOSSO server is hosted must be properly configured within the GateIn 3.2 instance. The required configuration is done by modifying four files:

In the gatein.ear/web.war/groovy/groovy/webui/component/UIBannerPortlet.gtml file, modify the 'Sign In' link as follows:


<!--
<a class="Login" onclick="$signInAction"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>
-->
<a class="Login" href="/portal/sso"><%=_ctx.appRes("UILoginForm.label.Signin")%></a>

In the gatein.ear/web.war/groovy/portal/webui/component/UILogoPortlet.gtmpl file, modify the 'Sign In' link as follows:


<!--
<a onclick="$signInAction"><%=_ctx.appRes("UILogoPortlet.action.signin")%></a>
-->
<a href="/portal/sso"><%=_ctx.appRes("UILogoPortlet.action.signin")%></a>

Replace the entire contents of gatein.ear/02portal.war/login/jsp/login.jsp with:


<html>

  <head>

    <script type="text/javascript">

     window.location = '/portal/sso';

    </script>

  </head>

  <body>

  </body>

</html>

Add the following filters at the top of the filter chain in gatein.ear/02portal.war/WEB-INF/web.xml:

<filter>
   <filter-name>LoginRedirectFilter</filter-name>
   <filter-class>org.gatein.sso.agent.filter.LoginRedirectFilter</filter-class>
   <init-param>
      <!-- This should point to your SSO authentication server -->
      <param-name>LOGIN_URL</param-name>
      <param-value>http://localhost:8888/josso/signon/login.do?josso_back_to=http://localhost:8080/portal/initiatessologin</param-value>
   </init-param>
</filter>
<filter>
   <filter-name>JOSSOLogoutFilter</filter-name>
   <filter-class>org.gatein.sso.agent.filter.JOSSOLogoutFilter</filter-class>
   <init-param>
      <!-- This should point to your JOSSO authentication server -->
      <param-name>LOGOUT_URL</param-name>
      <param-value>http://localhost:8888/josso/signon/logout.do</param-value>
   </init-param>
</filter>
<filter>
   <filter-name>InitiateLoginFilter</filter-name>
   <filter-class>org.gatein.sso.agent.filter.InitiateLoginFilter</filter-class>
   <init-param>
      <param-name>ssoServerUrl</param-name>
      <param-value>http://localhost:8888/josso/signon/login.do</param-value>
   </init-param>
   <init-param>
      <param-name>loginUrl</param-name>
      <param-value>http://localhost:8080/portal/dologin</param-value>
   </init-param>
</filter>

<!-- Mapping the filters at the very top of the filter chain -->
<filter-mapping>
   <filter-name>LoginRedirectFilter</filter-name>
   <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
   <filter-name>JOSSOLogoutFilter</filter-name>
   <url-pattern>/*</url-pattern>
</filter-mapping>
<filter-mapping>
   <filter-name>InitiateLoginFilter</filter-name>
   <url-pattern>/initiatessologin</url-pattern>
</filter-mapping>

From now on, all links redirecting to the user authentication pages will redirect to the JOSSO centralized authentication form.