Crowd 2.1 : Integrating AppFuse - a Crowd-Acegi Integration Tutorial
This page last changed on Dec 17, 2008 by doflynn.
AppFuse provides a sweet starting point for developing web applications. You choose the frameworks, AppFuse generates the skeleton application. At its core, the web security of AppFuse 2.0.1 and earlier applications relies on the modular and extensible Acegi authentication framework. In this tutorial, we look at a basic integration of Crowd with Acegi, using an application generated by AppFuse.
Step 1. Get AppFuseIn this tutorial, we will be using the Struts2-basic archetype to create the project, but the other types should be similar. For more information, consult the AppFuse quickstart guide. In particular, it outlines the database requirements for AppFuse.
Step 2. Let Crowd Know about AppFuseAdd appfuse as an application via the Crowd Console. See Adding an Application for more information. Step 3. Add the Crowd Acegi Connector to AppFuseOpen up the pom.xml and add the Crowd client libraries as a project dependency: You will also need to create the file myproject/src/main/resources/crowd.properties: In particular, the application name and password must match the values defined for the application added in Step 2. Finally, copy the STANDALONE/client/conf/crowd-ehcache.xml to myproject/src/main/resources/crowd-ehcache.xml. This file defines the cache properties, such as cache timeouts, used when accessing data from the Crowd server. Step 4. Hook Up Centralised AuthenticationBefore modifying the security configuration, you will need to add the Spring configuration file to wire up the Crowd client beans. Add the applicationContext-CrowdClient.xml configuration file to the list of contextConfigLocations in WEB-INF/web.xml: AppFuse neatly stores all the Acegi configuration in myproject/src/main/webapp/WEB-INF/security.xml. In order to get centralised authentication, we will need to set up Acegi to use the wrapped authenticator class we just created. Edit the Acegi beans in security.xml:
Congratulations. You have centralised authentication
Step 5. Hook Up Single Sign-OnEnabling single sign-on (SSO) requires a little more tweaking of the security.xml:
SSO will only work for users that are able to authenticate with both appplications and are authorised to use both applications. Try out the following:
Congratulations, you have SSO |
![]() |
Document generated by Confluence on Nov 30, 2010 23:53 |