Red Hat JBoss Portal 6.2
For use with Red Hat JBoss Portal 6.2 and its patch releases.
Legal Notice
Copyright © 2015 Red Hat, Inc.
This document is licensed by Red Hat under the Creative Commons Attribution-ShareAlike 3.0 Unported License. If you distribute this document, or a modified version of it, you must provide attribution to Red Hat, Inc. and provide a link to the original. If the document is modified, all Red Hat trademarks must be removed.
Red Hat, as the licensor of this document, waives the right to enforce, and agrees not to assert, Section 4d of CC-BY-SA to the fullest extent permitted by applicable law.
Red Hat, Red Hat Enterprise Linux, the Shadowman logo, JBoss, MetaMatrix, Fedora, the Infinity Logo, and RHCE are trademarks of Red Hat, Inc., registered in the United States and other countries.
Linux® is the registered trademark of Linus Torvalds in the United States and other countries.
Java® is a registered trademark of Oracle and/or its affiliates.
XFS® is a trademark of Silicon Graphics International Corp. or its subsidiaries in the United States and/or other countries.
MySQL® is a registered trademark of MySQL AB in the United States, the European Union and other countries.
Node.js® is an official trademark of Joyent. Red Hat Software Collections is not formally related to or endorsed by the official Joyent Node.js open source or commercial project.
The OpenStack® Word Mark and OpenStack Logo are either registered trademarks/service marks or trademarks/service marks of the OpenStack Foundation, in the United States and other countries and are used with the OpenStack Foundation's permission. We are not affiliated with, endorsed or sponsored by the OpenStack Foundation, or the OpenStack community.
All other trademarks are the property of their respective owners.
Abstract
This book provides information to administrators for configuring and running Red Hat JBoss Portal. It forms part of the complete document suite available at https://access.redhat.com/site/documentation/Red_Hat_JBoss_Portal/.
- Preface
- I. Management
- 1. Portal Management
- 2. REST Interface
- 3. Command Line Interface
- 4. Model Object for Portal (MOP) Management Extension
- II. Domain Mode
- III. Administration and Monitoring
- IV. Authentication and Authorization
- 7. Authentication and Authorization
- 8. Password Encryption using PicketLink IDM Framework
- 9. PicketLink IDM Integration
- 10. Token Service
- 11. Predefined User Configuration
- 12. Single Sign-on
- 12.1. File Name Conventions
- 12.2. Single Sign-on (SSO) Configuration
- 12.3. Central Authentication Service (CAS)
- 12.4. Configuration for Central Authentication Service (CAS)
- 12.4.1. Downloading Central Authentication Service
- 12.4.2. Modifying the Central Authentication Service (CAS) Server
- 12.4.3. Authentication Plugin for Central Authentication Service (CAS)
- 12.4.4. Configuring the Authentication Plugin
- 12.4.5. Setting up Logout Redirection
- 12.4.6. Cookie Configuration for Central Authentication Service (CAS) Single Sign-on
- 12.4.7. Portal Authentication using Central Authentication Service Ticket Granting Cookie (CASTGC)
- 12.4.8. Installing Apache Tomcat Server
- 12.5. Modifying the Portal
- 12.6. Building and Deploying Central Authentication Service (CAS)
- 13. Java Open Single Sign-on
- 14. OpenAM
- 15. Simple and Protected GSSAPI Negotiation Mechanism (SPNEGO)
- 16. Single Sign-on in a Cluster
- 17. LDAP Integration
- 18. Security Assertion Markup Language (SAML2)
- 19. Using JBoss Portal SSO with Salesforce and Google Apps
- 19.1. JBoss Portal as the Identity Provider (IDP) and Salesforce as the Service Provider (SP)
- 19.1.1. IDP (JBoss Portal) and SP (Salesforce) Prerequisites
- 19.1.2. Obtain a Salesforce developerforce Account
- 19.1.3. Creating a Salesforce Domain
- 19.1.4. Configure SAML SSO SP Settings
- 19.1.5. Import Message Signing Certificate into Salesforce
- 19.1.6. Create Salesforce and Portal Users
- 19.1.7. Obtain the Salesforce Client Certificate
- 19.1.8. Configure JBoss Portal as the IDP
- 19.1.9. Test the IDP (JBoss Portal) and SP (Salesforce) Configuration
- 19.2. JBoss Portal as the Identity Provider (IDP) and Google Apps as the Service Provider (SP)
- 19.2.1. IDP (JBoss Portal) and SP (Google Apps) Prerequisites
- 19.2.2. Create A Google Apps for Business Account
- 19.2.3. Create Default Google Apps for Business Users
- 19.2.4. Configuring Google Apps as the SP
- 19.2.5. Configuring JBoss Portal as the IDP
- 19.2.6. Testing the IDP (JBoss Portal) and SP (Google Apps) Configuration
- 19.3. Salesforce as the Identity Provider (IDP) and JBoss Portal as the Service Provider (SP)
- 19.3.1. IDP (Salesforce) and SP (JBoss Portal) Prerequisites
- 19.3.2. Obtain a Salesforce developerforce Account
- 19.3.3. Creating a Salesforce Domain
- 19.3.4. Disable SP Single Sign-on in Salesforce
- 19.3.5. Create and Apply a Salesforce IDP Message Signing Certificate
- 19.3.6. Create Salesforce and Portal Users
- 19.3.7. Configuring Salesforce as the IDP
- 19.3.8. Configuring JBoss Portal as the SP
- 19.3.9. Testing the IDP (Salesforce) and SP (JBoss Portal) Configuration
- 20. OAuth - Authentication with Social Network accounts
- 21. Impersonation
- 22. Wildcard Membership Type
- V. Mobile and Responsive Portal
- 23. Mobile and Responsive Portal Site
- 24. Site Redirection
- VI. Portal Configuration
- VII. Gadget Configuration
- VIII. Web Services for Remote Portlets
- 28. Web Services for Remote Portlets
- 29. Securing Web Services for Remote Portlets
- 30. Credentials for Web Services Security
- 30.1. About Web Services Security Configuration
- 30.2. WSS4J Interceptors and WSRP
- 30.3. WS-Security Consumer Configuration
- 30.4. Producer Configuration
- 30.5. Configuring WSRP using the User name Token and User Propagation
- 30.6. Securing WSRP Endpoints using Encryption and Signing
- 30.7. Configuring WSRP using User name Token, Encryption and Signing with User Propagation
- 31. Using Remote WSRP Portlets
- 32. Maintaining Consumers
- 33. Working with WSRP Extensions
- 34. Configuring the WSRP Producer
- A. Revision History