Part 3: Integrating WebSphere Portal into your security environment and user management system

Use the portal programming interfaces to implement single sign-on (SSO), customize portal login behavior, and work with the user profiles. See the interfaces applied to the calendar and todo example from Part 1.

Dieter Buehler (buehlerd@de.ibm.com), WebSphere Portal Security Architect, IBM

Dieter Buehler photoDr. Dieter Buehler, WebSphere Portal Security Architect, joined IBM in 2002 and has worked in the WebSphere Portal development team since the WebSphere Portal 4.1 release. Prior to IBM, Dieter worked three years in research at the University of Tuebingen in Germany exploring concepts and technologies for integrating industrial automation systems into web-based portal solutions. In addition to the WebSphere Portal security architecture, Dieter is especially interested in Java-based client-server system design and information retrieval concepts.



Stefan Hepper, WebSphere Portal Programming Model Architect, IBM

Author photoStefan Hepper is the responsible architect for the WebSphere Portal, Workplace Client and Server programming model, and public APIs. He co-lead the Java Portlet Specification V 1.0 (JSR 168), and is now leading the V 2.0 (JSR 286). Stefan started the Apache Pluto project that provides the reference implementation for JSR 168. He has delivered lectures at international conferences such as JavaOne, has published various papers, and was co-author of the book Pervasive Computing (Addison-Wesley 2001) and the Portlets and Apache Portals (download manuscript, Manning 2005). Stefan received a Diploma of Computer Science from the University of Karlsruhe, Germany. He joined the IBM Boeblingen Development Laboratory in 1998.


developerWorks Professional author
        level

Stefan Schmitt (st.schmitt@de.ibm.com), Portal and Workplace Security Lead, IBM

Stefan Schmitt photoStefan Schmitt joined IBM in 2000 and has worked in the WebSphere Portal development team since the WebSphere Portal 1.0 release. He leads the security team of IBM WebSphere Portal, works as the IBM WebSphere Portal Vulnerability contact and is responsible for the architecture and design of the user management functions available in IBM WebSphere Portal. Prior to his work at IBM, Stefan studied Information Technology at the University of Cooperative Education Stuttgart.



Holger Waterstrat (waterstrat@de.ibm.com), WebSphere Portal Security Team, IBM

Holger Waterstrat photoHolger Waterstrat joined IBM in 2001 and worked in the pervasive computing development area. He joined the WebSphere Portal development team in the same year and is currently working in the security team. Holger received a Diploma of Computer Science from the Technical University of Berlin.



Andreas Zehnpfenning (zehnpfenning@de.ibm.com), WebSphere Portal Security Team, IBM

Andreas Zehnpfenning photoAndreas Zehnpfenning received his Diploma of Computer Science from the University of Stuttgart. After completing his diploma thesis on speech synthesis at IBM's voice team in 2005, he joined the WebSphere Portal security team.



Peter Schmitz , 企业 Java 顾问和讲师, LearningPatterns

Peter Schmitz 是 LearningPatterns 的核心咨询、指导和课程开发团队的主要成员。Peter 在负责该公司的许多以技术为主的成套产品的开发、测试和维护的过程中,将自己的实际编程技能和优秀的指导能力相结合来开发最佳质量的教育计划。

Peter 还积极参与了特定于供应商的系列产品和独特教育产品的开发、维护和交付,通常把这些产品开发成为第三方客户和合作伙伴定制的解决方案。他侧重的技术工作包括围绕 Java 技术、EJB 技术、J2EE Java Servlet、JSP 文件、IBM WebSphere 4.0、XML、Web 服务(SOAP 和 UDDI 等)及其它技术来开发程序和项目。

最近,Peter 担当了 ING Bank 的技术性体系结构顾问,他负责维护和扩展基于 XML、Java Servlet 和 EJB 技术的企业服务框架(Business Services Framework)的技术体系结构(Technical Architecture)。在这个项目中,他使用了 IBM WebSphere、IBM MQ Series、VisualAge for Java 和关系数据库。Peter 作为项目负责人、技术体系架构师、分析师、导师和高级软件工程师参与了以前许多咨询活动。

Jacob Weintraub ― 共同创始人和服务主管,LearningPatterns

Jacob Weintraub 是 LearningPatterns 的共同创始人和服务主管,他自 1988 年以来一直从事对象和高级技术(Object and Advanced Technologies)方面的工作。他于 1995 年开始使用 Java 编程语言的 beta 测试发行版,还制作了最早向公众提供的 Java 技术课程之一。

自那时起,他就在 LearningPatterns 充当高级企业前沿技术培训工作的“先锋”。这包括以 J2EE/EJB 技术、面向对象的分析与设计、XML/XSLT,以及现代的 Web 服务为主题的授课和指导业务。他还在许多会议上发表演讲,并为 Java ReportJavaWorld 撰写文章。

秉承了 LearningPatterns 的信条:最好的老师是经验丰富的程序员,Jacob 是一位经验丰富的开发人员。他的经验包括指导程序员团队构建基于 EJB 技术的系统,开发金融系统的 OO 库,开发至 C++ 编译器的 CORBA IDL,以及与哥伦比亚大学分布式计算与通信中心(Distributed Computing and Communications Center)一起利用分层 OO 模型研究超大型计算机网络(Very Large Computer Networks)的管理。



21 June 2006

Use the portal programming interfaces to implement single sign-on (SSO), customize portal login behavior, and work with the user profiles. See the interfaces applied to the calendar and todo example from Part 1. This is the third part in an article series on Exploiting the WebSphere Portal V5.1.0.1 programming model.

In this article

  • Creating an SSO infrastructure:
  • Customizing the credential vault
  • Customizing the login behavior
  • Working with user management systems
  • Adding group support to our example portlet application

Summary

Part 1 of this series introduced the overall IBM WebSphere® Portal programming model and showed where you can customize and extend WebSphere Portal. Part 2 described how URLs are generated in WebSphere Portal and how you can leverage the URL generation capabilities in your themes and skins. This part explores the security related APIs and the user management system.

An important task in installing a new portal is to integrate the portal environment with the overall security environment. This article tells how you can achieve single sign-on (SSO) across different servers and environments, and how you can customize the default portal login behavior using the Java™JAAS framework. You learn about the WebSphere Portal user management APIs which enable you to read from and write to the underlying user management system. Finally, you see how to update the calendar and todo sample (used in Part 1) to retrieve specific todos based on the groups to which a member belongs.

This document will be updated periodically and the Portlet Factory development team welcomes your suggestions.

Downloads

DescriptionNameSize
Article in PDF format0606_buehler-WP5101_ProgModel_P3.pdf  ( HTTP | FTP )1MB
Code sampleCalendarPortletIBM_Part3.zip  ( HTTP | FTP )479 KB
static.content.url=http://www.ibm.com/developerworks/js/artrating/
SITE_ID=1
Zone=WebSphere
ArticleID=132679
SummaryTitle= Part 3: Integrating WebSphere Portal into your security environment and user management system
publish-date=06212006