...
| Índice |
|---|
| maxLevel | 4 |
|---|
| outline | true |
|---|
| style | none |
|---|
| exclude | .*ndice |
|---|
| style | none |
|---|
|
Objetivo
Este documento é direcionado a desenvolvedores que desejam criar widgets e componentes para o Fluig, aproveitando sua infraestrutura de autenticação.
...
| Deck of Cards |
|---|
| effectDuration | 0.5 |
|---|
| history | false |
|---|
| id | samples |
|---|
| history | false |
|---|
| effectType | fade |
|---|
|
| Card |
|---|
| default | true |
|---|
| id | 1 |
|---|
| label | web.xml |
|---|
| - Localizado dentro da pasta WEB-INF, o arquivo web.xml deve conter o seguinte conteúdo:
| Bloco de código |
|---|
| <?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/javaee" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_3_0.xsd"
version="3.0">
<security-constraint>
<display-name>REST</display-name>
<web-resource-collection>
<web-resource-name>REST</web-resource-name>
<description>REST</description>
<url-pattern>/api/rest/*</url-pattern>
</web-resource-collection>
<auth-constraint>
<description>REST</description>
<role-name>user</role-name>
</auth-constraint>
</security-constraint>
<login-config>
<auth-method>FORM<method>FLUIGAUTH, FORM</auth-method>
<realm-name>TOTVSTech</realm-name>
<form-login-config>
<form-login-page>/login.jsp</form-login-page>
</form-login-config>
</login-config>
<security-role>
<role-name>totvstech</role-name>
</security-role>
<security-role>
<role-name>user</role-name>
</security-role>
<security-role>
<role-name>sysadmin</role-name>
</security-role>
</web-app> |
Deve-se atentar para a tag <security-constraint>, que define os caminhos que irão precisar de autenticação para serem acessados (no exemplo, <contexto-da-windget>/api/rest/*).
Deve haver pelo menos uma tag <security-constraint>, podendo ter quantas forem necessárias. |
| Card |
|---|
| | Bloco de código |
|---|
| <?xml version="1.0" encoding="UTF-8"?>
<jboss-web>
<context-root>/[contexto-da-widget]</context-root>
<disable-cross-context>false</disable-cross-context>
<security-domain>TOTVSTech</security-domain>
<security-role>
<role-name>user</role-name>
<principal-name>totvstech</principal-name>
</security-role>
<security-role>
<role-name>totvstech</role-name>
<principal-name>totvstech</principal-name>
</security-role>
<security-role>
<role-name>sysadmin</role-name>
<principal-name>wcmadmin</principal-name>
</security-role>
<security-role>
<role-name>admin</role-name>
<principal-name>wcmadmin</principal-name>
</security-role>
<valve>
<class-name>com.totvs.technology.auth.saml.TOTVSAuthenticatorValve</class-name>
</valve>
</jboss-web> |
|
Deve-se atentar para a tag <context-root>, que define o contexto que fará parte da URL para acessar recursos estáticos (js, css, etc.) dessa widget. | Card |
|---|
| - Localizado dentro da pasta WEB-INF, o arquivo beans.xml deve conter o seguinte conteúdo:
| Bloco de código |
|---|
| <?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://java.sun.com/xml/ns/javaee"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/beans_1_0.xsd">
</beans> |
| | Card |
|---|
| id | 4 |
|---|
| label | foundation-security-authentication-saml.jar |
|---|
| - Localizado dentro da pasta WEB-INF/lib.
O arquivo pode ser obtido no endereço http://nexus.fluig.com/content/groups/public/com/fluig/foundation-security-authentication-saml/[versao-do-fluig. Ou, para widgets gerenciadas pelo Maven, esse arquivo é adicionado usando a seguinte dependência: | Bloco de código |
|---|
| <dependency>
<groupId>com.fluig</groupId>
<artifactId>foundation-security-authentication-saml</artifactId>
<scope>compile</scope>
<version>[versão-do-fluig]</version>
</dependency>
|