The eXo Platform server configuration is quite different between the Tomcat and JBoss packages. Here are instructions for both Tomcat and JBoss bundles.
If you are using eXo Platform bundled with Tomcat, you will be noticed of a possible problem caused by $PLATFORM_TOMCAT_HOME/lib/jacc-x.y.jar.
This file is not necessary, so you can workaround just by removing it.
Add the following to the $PLATFORM_TOMCAT_HOME/gatein/conf/configuration.properties file to have the following lines:
gatein.sso.enabled=true
gatein.sso.callback.enabled=${gatein.sso.enabled}
gatein.sso.login.module.enabled=${gatein.sso.enabled}
gatein.sso.login.module.class=org.gatein.sso.agent.login.SSOLoginModule
gatein.sso.server.url=http://localhost:8888/opensso
gatein.sso.openam.realm=gatein
gatein.sso.portal.url=http://localhost:8080
gatein.sso.filter.logout.class=org.gatein.sso.agent.filter.OpenSSOLogoutFilter
gatein.sso.filter.logout.url=${gatein.sso.server.url}/UI/Logout
gatein.sso.filter.login.sso.url=${gatein.sso.server.url}/UI/Login?realm=${gatein.sso.openam.realm}&goto=${gatein.sso.portal.url}/@@portal.container.name@@/initiatessologinIn which:
gatein.sso.server.url (= http://localhost:8888/opensso in this example) is the URL of your OpenAM web context.
gatein.sso.portal.url (= http://localhost:8080 in this example) is the URL of your eXo Platform server.
gatein.sso.openam.realm (= gatein in this example) is the realm created in previous steps.
Add <Valve className="org.gatein.sso.agent.tomcat.ServletAccessValve" /> to
the $PLATFORM_TOMCAT_HOME/conf/server.xml file. The content of this file now looks like:
...
<Engine name="Catalina" defaultHost="localhost">
<Host name="localhost" appBase="webapps" startStopThreads="-1"
unpackWARs="${EXO_TOMCAT_UNPACK_WARS}" autoDeploy="true">
<Valve className="org.gatein.sso.agent.tomcat.ServletAccessValve" />
...
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />
...
<Listener className="org.exoplatform.platform.server.tomcat.PortalContainersCreator" />
...
</Host>
</Engine>
...
Edit the $PLATFORM_JBOSS_HOME/standalone/configuration/gatein/configuration.properties file to have the following lines:
# SSO
gatein.sso.enabled=true
gatein.sso.callback.enabled=${gatein.sso.enabled}
gatein.sso.login.module.enabled=${gatein.sso.enabled}
gatein.sso.login.module.class=org.gatein.sso.agent.login.SSOLoginModule
gatein.sso.server.url=http://localhost:8888/opensso
gatein.sso.openam.realm=gatein
gatein.sso.portal.url=http://localhost:8080
gatein.sso.filter.logout.class=org.gatein.sso.agent.filter.OpenSSOLogoutFilter
gatein.sso.filter.logout.url=${gatein.sso.server.url}/UI/Logout
gatein.sso.filter.login.sso.url=${gatein.sso.server.url}/UI/Login?realm=${gatein.sso.openam.realm}&goto=${gatein.sso.portal.url}/@@portal.container.name@@/initiatessologinIn which:
gatein.sso.server.url (= http://localhost:8888/opensso in this example) is the URL of your OpenAM web context.
gatein.sso.portal.url (= http://localhost:8080 in this example) is the URL of your eXo Platform server.
gatein.sso.openam.realm (= gatein in this example) is the realm created in previous steps.
Uncomment the below login module in $PLATFORM_JBOSS_HOME/standalone/configuration/standalone-exo.xml,
then change ${gatein.sso.login.module.enabled} and ${gatein.sso.login.module.class}
into #{gatein.sso.login.module.enabled} and #{gatein.sso.login.module.class} respectively.
<login-module code="org.gatein.sso.integration.SSODelegateLoginModule" flag="required">
<module-option name="enabled" value="#{gatein.sso.login.module.enabled}"/>
<module-option name="delegateClassName" value="#{gatein.sso.login.module.class}"/>
<module-option name="portalContainerName" value="portal"/>
<module-option name="realmName" value="gatein-domain"/>
<module-option name="password-stacking" value="useFirstPass"/>
</login-module>
After configuring the eXo Platform server, move to the next section for testing.