Skip navigation
Currently Being Moderated

Separating Flex apps from JSP pages

May 12, 2011 10:17 PM

I'm using the Correspondence Management SA and I'd like to have my  own SSO for the ManageTemplates application to completely remove it from  the surrounding jsp wrapper.  However, I noticed that when the Manage  Templates application starts, it uses the SSO created by the Finance  Corp page and loads the user once the FlexConfiguration is successfully  loaded, without needing to suppy any credentials within the Flex app  itself.  I've created a ViewStack that now contains a LoginView as well  as the AssetManagerView, to enable the enterting of credentials.  But if  I log in with 'grios' in the jsp, then login with 'clopez' in my Flex  login view, send the 'clopez' username and password to LC, and receive a  com.adobe.icc.services.user.UserEvent.AUTHENTICATION_SUCCESS event, the  login works, but the userManager.currentUser is still 'grios' and not  'clopez' as is expected.  I've tried using a logout on the Flex init,  but to no avail.

 

I've also tried adding the Flex app URL directly in the  URLRegistryBootstrapper.java file, as well as commenting out the  securityFilter filter mapping in web.xml to prevent the redirect and  enable the flex application to run without the jsp login.  The flex app  then runs immediately, however the loading of the FlexConfiguration  fails, which means that the application cannot run. So it seems that the  flex app is tightly woven to the calling jsp, but I can't see any  references to this link.

 

Does anyone know the best way to remove the Flex application from  it's jsp wrapper, and have a stand alone Manage Templates Flex app?

 

Thanks,

Kristian

 
Replies
  • Currently Being Moderated
    May 13, 2011 8:21 AM   in reply to Kristian Wright

    Hi Kristian,

    In addition to removing the filter from web.xml, you will also have to make changes to the security-config.xml.

    If you take a look at that file, the first set of lines in that XML will be having URL interceptors for the application. Something like...

    <sec:http ...

       <sec:intercept-url pattern

        ....

        ....

        ....

    </sec:http>

    Depending upon which URLs you want to continue to keep secure, you will have to remove entries from this section of the XML. It is then that you will get rid of the JSP.

    Also, having the view stack as you mentioned, before/above the actual Manage Templates application should produce a login screen, wherein you can get the user credentials and establish a login session. BTW, you could also use our ISSOManager, which you can retrieve using ServiceProvider.getUserService(), to perform the login operation given a username/password.

       

     
    |
    Mark as:
  • Currently Being Moderated
    May 22, 2011 10:43 PM   in reply to Saket Agarwal

    Can you provide a little more instruction on this front?

     

    We have developed an implementation using ISSOManager. The following code is executed during application initialisation:

     

     

    
    userManager = ServiceProvider.getUserService(  );
    var configService: IConfigService = ServiceProvider.getConfigService(  );
    
    
    configService.loadFlexConfig().addHandlers
         (
              function(event:ResultEvent):void
              {
                   flexConfig = event.result as FlexConfiguration;
    
                   userManager.flexConfig = flexConfig;
              },
              function ( event: FaultEvent ): void
              {
              }
         );
    
    
    

     

     

    After the user has entered their credentials, the following calls are made:

     

     

    userManager.addEventListener( UserEvent.AUTHENTICATION_SUCCESS,
              function ( event: UserEvent )
              {
    
              }
         );
    
    userManager.login( username, password );
    

     

    However, calling login() fails. If the system configuration loginMode (adobe-acm-webmodules-9.5.0.0.20101001.1.170840.jar/META-INF/spring/m odule.properties) is set to 'sso' then the UserEvent.AUTHENTICATION_SUCCESS gets fired, but subsequent RemoteObject calls fail due to a lack of authentication. If loginMode is set to 'basic', then the following error is raised:

     

    {icc} info    [com.adobe.icc.services.user.providers::SSOManager/sendRequest]@15:21:44 > [SSOmanager] Contacting [http://localhost:8080/cmsa/j_spring_security_check]
    {icc} info    [com.adobe.icc.services.user.providers::UserManager/authFaultHandler]@15:21:44 > authFaultHandler:[Event type="authenticationFault" bubbles=true cancelable=false eventPhase=2]
    

     
    |
    Mark as:

More Like This

  • Retrieving data ...

Bookmarked By (0)

Answers + Points = Status

  • 10 points awarded for Correct Answers
  • 5 points awarded for Helpful Answers
  • 10,000+ points
  • 1,001-10,000 points
  • 501-1,000 points
  • 5-500 points