Re: [Hypercontent-users] CASIFY Hypercontent - issue

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

On Oct 30, 2006, at 9:46 PM, tom tom wrote:

> Hi Alex,
> Thanks for your instructions I got lot of good news
> this time.
>
> Well even though I casifed the HC, still I dont use
> that feature as students retrieve,only the public read
> only contents from HC via WebProxy.  But still I am
> keeping the casified HC hoping it will be useful for
> the content editing part by authors.
>
> Do we really get any advantage by having a WebProxy
> why not a inline frame for the above scenario (read
> only access).

IFrame is OK if you don't mind possibly seeing scollbars or empty  
vertical space, or losing URL state information on changing tabs.

>
> The above is the one which is not clear to me. Well I
> was under the impression providing a link (html href)
> ( e.g
> http://localhost:8080/hypercontent/my-project/?mode=interactive)
> for the authers and publishers in the uPortal channel
> and ask them to login again as it does not carry any
> credentials even though the authers/publishers logged
> into uPortal via CAS.
>
>> With CAS working,
>> though, the user
>> will not have to login again when going from uPortal
>> to HC.
>
> Assuming this user is a Auther/Publisher can you
> explain what is meant by the above.

When the user logs into the portal via CAS, they are also  
establishing a session between their browser and the CAS server. When  
a link inside a portlet opens HyperContent in a new window, if  
authentication is required for that HC page, the link has a parameter  
"mode=login", or the user clicks "login" on the page, they will be  
redirected to the CAS server which, having already established a  
session with the user's browser, will automatically redirect back to  
HC with a ticket that HC can use to authenticate the user without  
seeing their password.  The CAS authentication into HC is invisible  
to the user as long as their CAS session has not expired since they  
logged into the portal.

In this mechanism, the portal is not passing any information to  
HyperContent about the user.  Instead, CAS acts as a trusted  
authentication source for both uPortal and HyperContent, and may only  
require the user to enter their password once to provide  
authentication into both HC and UP.

> Now I made the HC cas enabled,it works fine,but what
> about the logout, well I think now it should invoke
> the cas/logout how to configure that.
>

I never did get around to trying this ;-)  You may need to experiment  
in pipelines.xml - you'll want to set up the logout pipeline with  
something like

<pipeline name="logout" mode="logout" basedir="/" content-type="text/ 
html" binding="all">
	<exec  
stage="org.hypercontent.project.engine.stage.SessionAttributeStage">
			<with-param name="name" value="service"/>
			<with-param name="value" value="${abs-project-base}${request-path}% 
3f${request-parms-encoded}%26command%3DLogout"/>
		</exec>
		<exec stage="org.hypercontent.project.engine.stage.RedirectStage">
			<with-param name="location" value="https://localhost:9090/cas/ 
logout?service=${service}"/>
		</exec>
	</pipeline>

Cheers,
	Alex