This is a quick run-through to set up JOSSO with OpenLDAP on Apache TomEE, the Java Enterprise Edition of Apache Tomcat.
Download and install Apache TomEE; nothing is simpler than that!
TomEE is based on Tomcat, therefore the directory structure is very similar:
- conf, the folder with the configuration files
- lib, JAR files required by the container
- log, TomEE and application log files
- webapps, WAR files
- webapps/tomee, the Web application delivering the EE capabilities
Additional JAR files (e.g. DB drivers) can be dropped in the lib folder, but a better approach is to store them separately.
Create a new folder /lib/ext with the libraries, then update the /conf/catalina.properties to ensure those are part of the common classloader:
System properties are defined in /conf/system.properties
Datasources are defined in /conf/tomee.xml
<Resource id="myDS" type="DataSource">
Web Application Libraries
Additional JAR files (e.g. DB drivers) can also be dropped in the lib folder, but again let's do it properly.
Create a new folder /applib with the libraries, then update the /conf/catalina.properties to ensure those are part of the shared classloader:
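To confirm that both folders ended up on the intended loaders, the following check parses a catalina.properties file and reports whether /lib/ext is on `common.loader` and /applib is on `shared.loader`. It is an added example, not part of the original post; the sample property values and the `/opt/tomee` install path are assumptions.

```python
import re

# Constructed sample: these loader values are an assumption about how the two
# folders from this page would be listed; they are not the author's file.
SAMPLE = r'''
# constructed catalina.properties excerpt
common.loader=${catalina.base}/lib,${catalina.base}/lib/*.jar,\
    ${catalina.home}/lib,${catalina.home}/lib/*.jar,\
    ${catalina.home}/lib/ext/*.jar
shared.loader=${catalina.home}/applib,${catalina.home}/applib/*.jar
'''

def parse_properties(text):
    """Parse '#'/'!' comments, key=value pairs and backslash continuations."""
    props, pending = {}, ""
    for raw in text.splitlines():
        line = pending + raw.strip()
        pending = ""
        if not line or line[0] in "#!":
            continue
        if line.endswith("\\"):          # value continues on the next line
            pending = line[:-1]
            continue
        key, _, value = line.partition("=")
        props[key.strip()] = value.strip()
    return props

def loader_dirs(props, key, home="/opt/tomee"):
    """Directories a loader covers: variables expanded, '*.jar' globs reduced."""
    dirs = set()
    for entry in props.get(key, "").split(","):
        entry = entry.strip().strip('"')
        entry = re.sub(r"\$\{catalina\.(home|base)\}", home, entry)
        if entry.endswith("/*.jar"):
            entry = entry[: -len("/*.jar")]
        if entry:
            dirs.add(entry.rstrip("/"))
    return dirs

def check_loaders(text, home="/opt/tomee"):
    """Map each loader to whether it picks up the folder this page assigns it."""
    props = parse_properties(text)
    expected = {"common.loader": home + "/lib/ext",
                "shared.loader": home + "/applib"}
    return {k: path in loader_dirs(props, k, home) for k, path in expected.items()}

if __name__ == "__main__":
    print(check_loaders(SAMPLE))
```

A `False` for either key means the JARs in that folder are not visible where expected: the common loader serves the container and every web application, while the shared loader serves web applications only.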
Set an appropriate size for the Java heap and PermGen space by adding in /bin/setenv.bat:
Download the JOSSO distribution (1.8.6 in my case) from the JOSSO web site and install the Gateway; it is OK to set Tomcat 7 as the platform:
josso> gateway install --target C:/apache-tomee-webprofile-1.5.0 --platform tc70
Deploying Apache Tomcat 7.0.x JOSSO Gateway v.1.8.6
Install the agent in the same way:
josso> agent install --target C:/apache-tomee-webprofile-1.5.0 --platform tc70
Installing Apache Tomcat 7.0.x JOSSO Agent v.1.8.6
Both steps generate a report of all changes, so you can see which JAR files have been copied and which configuration files have been modified.
Config Partner Application(s)
Edit /lib/josso-agent-config.xml to define the partner application(s) (<agent:partner-apps> tag), basically which apps/URLs will be JOSSO-protected.
If you need an LDAP backend (OpenLDAP?), some additional configuration is required:
Edit /lib/josso-gateway-ldap-stores.xml to set up the LDAP connection
Edit /lib/josso-gateway-config.xml to make sure it imports the above josso-gateway-ldap-stores.xml
Edit /lib/josso-gateway-auth and remove hashAlgorithm/hashEncoding from the Basic Authentication Scheme; those settings seem to bother OpenLDAP and the user authentication doesn't work.