Thursday Feb 21, 2008

Simple Web Server Authentication and SGD

Seems that a lot of people are interested in using Web Server Authentication.

A new article that concerns Basic HTTP Authentication and SGD has been posted to the SGD Wiki. Even if Basic HTTP authentication is not what you want, this article illustrates the principles around configuring SGD.

There's also a handy debugging tool (environment.jsp) that you can drop into the SGD webapp directory (/opt/tarantella/webserver/tomcat/\*/webapps/sgd) to find out what the web environment looks like.

Another article specifically about Sun Access Manager is also in the works.

 -FB

Tuesday Jan 08, 2008

Speeding up LDAP queries when using Web Authentication

Some time back we discussed how to speed up LDAP authentication when logging into SGD. In this tip, we simply recommended reducing the user attributes that we search in order to authenticate a user given the provided credentials.

Well, nice tip as it was, it only works when you are logging in directly to SGD (using built-in authentication) and doesn't help if you are using Web Server Authentication. e.g. you're using something to protect the /sgd URI for example, a simple mechanism like Apache basic http authentication (.htaccess), or something powerful like Sun's Java System Access Manager to protect access to the /sgd URI.

If you're doing this, you need to configure an additional bean in the SGD system. And, to preserve your sanity, Fat Bloke recommends always keeping them in step by configuring them together:

/opt/tarantella/bin/tarantella stop
/opt/tarantella/bin/tarantella config edit --thirdpartyldaploginauthority.properties-searchAttributes cn mail
/opt/tarantella/bin/tarantella config edit --searchldapla.properties-searchAttributes cn mail
/opt/tarantella/bin/tarantella start

Sorry not to have mentioned this earlier ;-)

-FB

Wednesday Sep 19, 2007

SGD Portlet released into the wild

For those portal types amongst you that would like your portal to be able to offer applications as well as information, you might be interested in the newly released SGD Portlet.

This is a JSR-168 Portlet that was developed by the SGD and Sun Portal Server team.

We've made available the war file and the source code too.

Enjoy!

-FB

Friday Jul 06, 2007

Command line interrogation of the array

Once you have created some objects and the array is in production, as an administrator, you may want to know some stuff, such as "who's logged in to SGD?", or "who is running what applications", etc, so I find these 2 commands very useful:

  1. Who is logged on? -
    /opt/tarantella/bin/tarantella webtopsession list 
  2. Who is doing what? -
    /opt/tarantella/bin/tarantella emulatorsession list 
Wonder at the richness of the output :-) or pipe it thru your favorite stream editor (sed | grep | wc | awk) to find what you really want.

-FB

About

Fat Bloke

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today