Single Sign-On between Joomla (PHP) and a custom JSF / JSP login (JAVA)

Single sign-on (SSO) is a method of access control, that enables a user to authenticate once, and gain access to the resources of multiple software systems. Well in my case, the task i have given is to authenticate a user in a PHP and a JAVA (Web) system simultaneously.

My PHP web application is the well known Joomla CMS, and my JAVA web application is based on JSF and custom built. After some thinking and research I found several resources which are worth reading (JOSSO, OneSign ), but i couldn’t take any help from them, mostly those SSO frameworks are complex ( yeah 🙂 I couldn’t understand ) and aimed on a general pourpose and most of them are not for free.

So yeah I thought of doing some Hack to joomla and also make some changes in my Java web app’s authentication method. After talking with some of my geeky Friends (Sandaruwan and Anjana). I came up with two approaches. both are involved in handling the cookies manually up to certain extent.

The 1st approach is (Which i didn’t try and had to give up due to the reason that I am using JSF as the web application framework) to log-in to the Joomla site and after loged in to Joomla create a random named temp file in the server (possibly in /home/secrets with 777) with the user-name (if a valid log in) and set a cookie using set_cookie(“name”,$filename) and direct to a jsp page to do the java side authentication.

in this JSP, page read the secret file name from the cookie and read the file from the http server in-order to take the username of the loged-in user. By passing this to the authentication method of the java web app, the java side also can be authenticated.

yup it is pretty simple, but i had to give it up mainly because I use JSF. if I do the user authentication in the above way in the java side. I cannot add the user object to the FacesContext which will be used by my other java side components. so even though i log in. later on in other jsf pages my loged user cannot be found. (Shortly my java login process is not happening according to the JSF implementation procedures.) and secondly i had to give up this method because my Project manger didn’t like the idea of saving temp files in the server. 🙂

So the Second and the method which i have implemented is, automating the Joomla log-in process by making an http request to the http server from my JSF backing bean. and set the PHP cookie manually via Http Servlet response.

before i explain this method more broadly i have to mention about two nice tools which helped me to monitor the http requests and response.
Apache TCP Monitor
Live Http headers (FireFox ad-on)

Architecture

Implementation

There are two different scenarios.
1. User can visit teh home page of the joomla site 1st and the PHP Cookie is already set.
2. User visit the Java site PHP Cookie is not available.

Continue reading Single Sign-On between Joomla (PHP) and a custom JSF / JSP login (JAVA)

JSF : Setting a custom message from a backing bean

So yeah !! I thought of writing something about JSF. Since am working with it for Nealy 3 months now. So how about custom message handling for starters !! 🙂

JSF message tag is pretty useful in many places. for an example, for the use of validators. but what i wanted to write here is, not how a message is shown after validation.

Think after some database transaction you wanted to say “Transaction is successful or not successful” or in some random scenario if you wanted to show a message in anywhere in your web-page at anytime, you can do that from your backing bean with out much effort.

I will take the tomahawk fileupload tag as an example JSF tag. so in the JSP side it will look like



	
               value="#{bbaBean.theFile}" storage="file"
               styleClass="fileUploadInput"
               required="true">
        

               errorstyle="Color: red;">



                 action="#{bbaBean.uploadFile}" styleclass="linkbox">

And when the upload button is clicked the uploadFile method will be invoked in our backing bean. which will look like..

public String uploadFile throws IOException {

       FacesMessage messageErr =
               new FacesMessage(FacesMessage.SEVERITY_ERROR,
                     "ERROR : ",
                     "XML File you have uploaded is not compatible");

       FacesMessage messageSuc = new FacesMessage(
              "The XML File You have uploaded is successfully
                                           added to the Database");

       FacesContext fc = FacesContext.getCurrentInstance();

       try {
              //TODO: Transaction or logic....
               fc..addMessage("form1:fileupload", messageSuc);
       } catch(Exception e) {
               fc.addMessage("form1:fileupload", messageErr);
       }
}

Simply that is it. So when an exception occurs your JSP page shows the custom error message. One other thing is you can set the message type too. if its and error message as i have shown make it’s SEVERITY to ERROR. and add an error style class for the tag. so your error message will be shown different than the other messages..

so yeah enjoy..

Long time no see !!

Well yeah I am back… I know things have gone gray.. my technorati ranking has gone down.. my readers are disappointed.. Okey.. So here I plead for forgiveness….

Well for past 3 months I was so sunk in work.. the new project which i am working on right now.. made the days fly so soon… any how.. the things i learnt cannot be written in one blog post..and yeah its not yet finish… I thought of writing a post today.. for few reasons..

I didn’t want anyone to think that I gave-up writing… One of the friendly bloggers threaten me to start writing again.. and yeah I wanted to deliver the news about “SLBOLGS“.

well what can i say about SLBlogs… In few words if i describe…Its a journal with many authors… I know the concept is not so new, but well i see this as a nice place where most of the Sri Lankan Bloggers meet..or rather share there ideas to the whole world.. So yeah its Open for you too.. subscribe with SLBlogs… I hope it will be fun..

Any how, No promises i can make when i will write my next post yet… A lot to scribble… So until then..

Cheers !!

JEvents Hack – Integrating JEvents with Google calender

As i promised today I got some time to write about some PHP programming i did few weeks ago. I had to integrate Google calender with the Sensoria web site, so that the events published in the sensoria site will be automatically published in Sensoria’s public Google calender.

Sensoria Site is created using a famous CMS called Mambo, in Mambo one can install plug-ins for many usage for the customized site they are creating. In this case Sensoria was using Mambo Events Component or now available to download as JEvents in Joomla CMS.

What I did was a small code hack in the eventmanager.php file in com_eventmanager folder in the components directory of Mambo. Its was a pretty easy task, but i had problems while testing. I was behind a proxy and the Zend framework gave a huge trouble when connecting to Google Via an HTTPS connection. After some descutions on Google calender forums.. I found out that it is a bug in the Zend Farmework (Which i could not find a solution and didn’t bother or had time to spend on fixing it). So i had to test it in a live server.

Any how now its all working.. I will publish the code out here.. so anyone who wants to do the same.. please feel free to use it..

eventmanager.php

cheers !!

UDDI Tutorial : JUDDI / UDDI4J ( publish & inquiry using juddi console and uddi4j client API )

Last two weeks i was busy with my office work trying to figure out some tasks related to an EU project called sensoria. I had to integrate the Events plugin of Joomla (CMS) with Google calender (which i am hoping to write about in future) and I had to compose a case study documentation for service discovery using UDDI (Universal Description, Discovery and Integration). It took me few days to setup a test environment to get things actually working.pict_uddi_1.gif

As I saw, that in this area there aren’t many help or online tutorials.. you have to collect tits and bits from every where and put some effort to make things work..

SO yeah thats why i thought to publish a small tutorial on setting up a UDDI server and handling the UDDI4J java client API..

 

Continue reading UDDI Tutorial : JUDDI / UDDI4J ( publish & inquiry using juddi console and uddi4j client API )

Hello Java World

322px-java_logosvg.png

I think This is my 1st post on something related to java… Its not that I hated the language before, but I used rather C++ /.NET and PHP for my earlier work. With my Internship, it would be correct if i say that I said Hello World to the actual Java environment. Its true for my collage Assignments, that I have done some java work, but well it cannot be counted… Anyhow Its been almost 2 months, I am having hands on experience on Java programming or rather more in J2ME and j2EE.

With all the APIs and the systematic documentations of those APIs.. and also with plenty of online help..I must say my life was so easy past few weeks.

As a part of my work package I had to develop a tracking system based on GPS positioning. My self and two more guys work on the project and we developed a server and a mobile client for this task. (this is a small part of a European union project called s3ms). What I thought of writing here today… is about the nice Framework we used, to handle the database.

Hibernate01_oben_logo1.gif

Well it’s not something new, its been used in almost all the java projects carried out in my company… Hibernate is an Object to relational Mapping (ORM) system for java. Hibernate provides a framework which maps the object oriented model to a relational database. Some of the main benefits by using Hibernate is that it makes the application portable on any SQL database.

Hibernate keeps the details of the database in its configuration file hibernate.cfg.xml and by editing few fields in this xml file, makes it possible to transport the application from one database to another. Hibernate mapping is done via xml files which is named name.hbm.xml and in these files the mapping of Java data types to SQL data types are done. you can define the relationships of the tables also in these files using relationship tags. (<many-to-one>) .

I have found a good tutorial on Hibernate in Gary’s Blog.. if you are interested more, those tutorials will be a great help. I should also note that Hibernate provides tools (Hibernate tools) for Eclipse IDE as plugins to generate Java Classes and xml mapping files looking at the database tables.

The founders of Hibernate is also providing a similar framework which is very much the same in practice. Its called NHibernate and used in the .NET platform for database handling. Both the Frameworks are Licensed GPL and LGPL respectively.

So for the people who are like me who were doing the database handling in the usual and the traditional way… Hibernate will surely make your work much easer…

Vuze (Azureus 3.0) – Next Gen P2P Application

azureus.png“Next generation P2P Application”, Thats what they say about Azureus 3.0 Well I know this is not so news, But I happened to discover this very recently due to few reasons.. I was not a major Azureus Fan after all.. I was using utorrent for all my p2p downloads.. for many reasons I loved uTorrent.. for its light lightnes, the fancy progress charts, Statistic GUIs and the user friendliness.

When I was back there home.. I ran utorrent in my WinXp Pro Desktop and it was working really fine..but later i came to Germany I install uTorrent to my notebook but I encountered a browsing problem while utorrent running.. I could not even go to Google home page even when no torrent is downloading.. so when i browse the torrent client had to be stopped.

After googling for some time i found some fixes..(by Lowering net.max_halfopen to 4) ..yet I was not happy so i thought of trying something new.. I tried BitCommet..since its developed useing C++ and also light weighted, But I disliked its appearances.. So finally I thought of trying Azureus.. I have used Azureus for a short while in my Linux box when it was in its 2.x ages.. and it was looking good although it eats up alot of system memory.. well yeah Its a Java application I have to accept that fact..

So i downloaded and it said Vuze (Azureus 3.0)…. I installed it…And Now what the heck is this.. Its looking so colorful so bright having a Cristal bluish UI..and it was truly amazing.. What i did first is to go back to its download site and double check whether its the official Azureus Version.. and yeah no mistake there.. The new Azureus version is bundled with the Vuze Skin making the whole application very much eye catching.. While keeping all its old 2.x features the application is being more aimed on entertainment which is very nice and interesting. It almost forgets or makes its memory usage a minor problem.

h.png

So this post is not for the Loyal Azureus Users.. I know they already use this.. this post is for the people who are using other torrent clients.. I think its worthy to check the new Azureus.. !! and to decide whether it is the next generation P2P Application is all up to you…

Back once again !!!

well i guess am writing a post after June 13th (luckily the date is shown below..) ever since my last post loads of things or rather changers took place. My team lost in both imagine cup entries in the final round.. I don’t have to write about it allover again.. because you can get the full story in many blogs, appears in my blogroll.. I had my second year final exams.. and did it with out any preparation… and at last headed to Germany for my one year Internship… So here I am writing my 1st blog post after a while from Munich, Germany.
Things have changed ever since last June.. missing home alot.. My beloved friends & Family… anyhow am enjoying the work out here.. working in one of the software arms of BMW (F.A.S.T GmbH), developing location base applications for mobile phones using JAVA / J2ME.. work is pretty fun.. the main thing is the freedom i have in the company.. the work environment is truly amazing..

How fascinating the life is… few months ago i never had an idea in going abroad.. well i wanted a change.. wanted to go somewhere and work well..and experience a some new ness’.. but i ended up with a total new ness’ which i never dreamed before..

Just thought of writing something about me and the reason i couldn’t blog.. well this post is totally useless i know.. so am hoping to write something useful later today. So let me say welcome back…

UNIX / LINUX based Client & a Server application

Okey so am writing after some time about some valuable thing !! This is about some thing I happened to do as an assignment for one of my degree modules (Network Application Development). The Assignment is to implement a server and a client using both TCP and UDP. The functionalities expected were, a centralized server which keeps records of the online connected buddies in the network (Subscription) Continue reading UNIX / LINUX based Client & a Server application