Bug 844412

Summary: SSO setup description is completely wrong
Product: [JBoss] JBoss Enterprise Application Platform 6 Reporter: Tom Fonteyne <tfonteyn>
Component: DocumentationAssignee: Misty Stanley-Jones <misty>
Status: CLOSED CURRENTRELEASE QA Contact: ecs-bugs
Severity: urgent Docs Contact:
Priority: high    
Version: 6.0.1CC: lcarlon
Target Milestone: ---Keywords: Documentation
Target Release: EAP 6.0.1   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Instance Name: Not Defined Build: CSProcessor Builder Version 1.5 Build Filter: null Build Name: Build Date: 20-06-2012 22:01:18
Last Closed: 2013-03-21 01:56:10 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Tom Fonteyne 2012-07-30 14:18:07 UTC 
http://docs.redhat.com/docs/en-US/JBoss_Enterprise_Application_Platform/6/html-single/Development_Guide/index.html#Use_Single_Sign_On_SSO_In_A_Web_Application

section 14.4 is completely wrong.

Here is a proposed replacement:


Overview:

SSO is provided by the web + infinispan subsystems

Prerequisites:

- You need to have a configured security domain which handles authentication and authorization. 
- the infinispan subsystem needs to be present.

The example configuration files already contain the needed "web" cache-container.
If not, you can add it with:

/subsystem=infinispan/cache-container=web:add(aliases=["standard-session-cache"],default-cache="repl",module="org.jboss.as.clustering.web.infinispan")
/subsystem=infinispan/cache-container=web/transport=TRANSPORT:add(lock-timeout=60000)
/subsystem=infinispan/cache-container=web/replicated-cache=repl:add(mode="ASYNC",batching=true)

Some of the example configuration files already have the SSO cache-container, if not add it with:

/subsystem=infinispan/cache-container=web/replicated-cache=sso:add(mode="SYNC", batching=true)


Lastly, the web subsystem needs to be told to enable SSO:

/subsystem=web/virtual-server=default-host/sso=configuration:add(cache-container="web",cache-name="sso",reauthenticate="false",domain="domain.com")

with "domain.com" being the desired cookie domain.
Comment 3 Tom Fonteyne 2012-08-01 08:13:13 UTC 
the main section is good now, but the text in the overview is still wrong as it's still talking about valves.

Something like the below should replace it:


Overview:

SSO is provided by the web + infinispan subsystems
Comment 5 Misty Stanley-Jones 2012-08-22 12:50:46 UTC 
Changed the overview to:

Single Sign On (SSO) capabilities are provided by the web and Infinispan subsystems. Use this proceure to configure SSO in web applications.

Tom, please move to VERIFIED if this is good with you. Thanks!
Comment 7 Andrew Ross 2012-09-02 22:58:48 UTC 
JBoss_Enterprise_Application_Platform-Development_Guide-6-en-US-0.0-3

Example 14.3. Check for the SSO cache-container

Look for output like the following: "sso" => {

If you do not find it, the SSO cache-container is not present in your configuration.


[comment] Is there meant to be an empty screen tag following this line?
Comment 8 Misty Stanley-Jones 2012-09-05 23:25:48 UTC 
No, I've removed it. This is very minor and doesn't affect any procedures so I'll set this to VERIFIED.