Manualshelf

NonStop Servlets for JavaServer Pages (NSJSP) 6.0 System Administrator's Guide

ManualsBrandsHP ManualsServerHP Integrity NonStop H-Series
81828384858687888990
Configuring NSJSP
NonStop Servlets for JavaServer Pages (NSJSP) 6.0 System Administrator’s Guide544548-004
3-40
Configuring Single Sign-On Support
To calculate the digested value of a clear text password, two convenient techniques
are used:
If you are writing an application that needs to calculate digested passwords
dynamically, call the static Digest() method of the
org.apache.catalina.realm.RealmBase class, passing the clear text
password and the digest algorithm name as arguments. This method returns the
digested password.
A command-line utility is provided to calculate the digested password, type:
NSJSP_HOME/conf/nsjsp_digestPassword \
{digest algorithm} {cleartext-password}
and the digested version of this clear text password is returned to standard output.
For more information on the digest attribute, see nsjsp_digestPassword.
Configuring Single Sign-On Support
NSJSP enables users to authenticate themselves only once across the entire set of
web applications associated with a virtual host. To successfully configure NSJSP for a
single sign-on support, the following requirements must be taken into account:
All clients that intend to use single sign-on support must support cookies, which
maintain the user identity across web applications.
As implemented in the NSJSP container, the scope of the single sign-on support is
that the entire set of web applications is registered with a single virtual host.
The system administrator must configure the file NSJSP_HOME/conf/server.xml to
enable single sign-on support. To configure:
1. At the <Engine> or <Host> level, configure a <Realm> element that defines the
database of valid users and their corresponding roles. In the default configuration
of NSJSP 6.0, this configuration is done at the <Engine> level.
HP recommends that you do not configure a <Realm> element inside one of the
<Context> elements describing the web applications associated with this virtual
host. If you configure a <Realm> element inside a context element, the same user
credentials (username and password) need to be in this realm to support a single
sign-on.
2. Include a nested element inside the <Host> element as shown in Example 3-19
on page 3-40 .
Example 3-19. Configuring single Sign-On support
<Host name="localhost" ...>
...
<Valve className="org.apache.catalina.authenticator.SingleSignOn"
...
</Host>