Monday, 3 May 2021

SSO with Office 365 (Azure AD) using Java (Picketlink) in Tomcat

How to configure Azure Active Directory Federated Single Sign On (SSO) for BuyOnline portal

 

Background

To simplify the user authentication process and improve the user experience on BuyOnline, we are enabling Single Sign On (SSO) by leveraging Azure Active Directory (AAD).

Two main components are involved in enabling SSO on BuyOnline: first, the application itself, which is written in Java; second, Azure Active Directory (AAD) as the Identity Provider (IdP).

This document covers only the second part: how to configure SSO for the BuyOnline website in Azure Active Directory.

 

Please follow the below steps:

1. Create a Group

A group is a logical grouping of BuyOnline users, for example staff, volunteer, etc.

How to create a group in AAD:

Step 1:

After signing in to the Azure portal, navigate to Azure Active Directory -> Users and Groups -> All Groups -> + New Group



 

Step 2:

Add a group, for example volunteer, set the membership type to “Assigned” and give it a description.




Step 3:

Assign users to the group: click “Members” on the group screen and follow the instructions.

2. Registering BuyOnline on Azure Active Directory (AAD)

To establish authentication from BuyOnline to AAD, we have to register the website in AAD.

Step 1: Create New Application

After signing in to the Azure portal, navigate to Azure Active Directory -> Enterprise Application -> All Applications -> + New Application

 



Step 2: Add Non-Gallery Application

Choose “Non-Gallery Application” and key in the name, for example buyonline_test for the test system and buyonline for production.



Step 3: Configuring SSO

On the application settings screen, navigate to “Single Sign-On”



 

Set the Single Sign-on Mode to SAML-based Sign-On.

 

Identifier:

TEST: Ananda Please supply the URI

PRODUCTION: Ananda Please supply the URI

 

Reply URL:

TEST: Ananda Please supply the URI

PRODUCTION: Ananda Please supply the URI

 

User Identifier: user.userprincipalname

 

 

Tick “View and edit all other user attributes” and click “add attribute”:

Name: userid

Value: user.userprincipalname

Namespace: http://schemas.microsoft.com/ws/2008/06/identity/claims



 

3. Create Role for BuyOnline

For authentication purposes, a “manager” role has to be created in the system.

 

Step 1: Adding Manager Role on Application Manifest

Navigate to Azure Active Directory -> App Registrations -> Click on the application name, e.g. BuyOnline -> Click Manifest




 


Append to the appRoles section by adding the code snippet below, then click Save.

    {
      "allowedMemberTypes": [
        "User"
      ],
      "displayName": "manager",
      "id": "d1c2ade8-98f8-45fd-aa4a-6d06b947c66f",
      "isEnabled": true,
      "description": "Its a Manager",
      "value": "manager"
    }

 

Step 2: Assign Role to the User Group

Navigate to Azure Active Directory -> Enterprise Applications -> All Applications -> Select your application -> Users & Groups

Assign the user group to the role by clicking “+ Add user”.

Select the group and assign the “manager” role.

 

 

 

                                                ------------------------------------ END -------------------------------------------

 

 

 

 

 

 

Sunday, 8 April 2018

Move source code from one repository to another in GitHub

Tip of the Week - How to move a full Git repository.

January 22nd 2016, Peter Van de Voorde, in Tip of the Week, Git

This week I'll show you how you can move a full Git repository from one remote server to another. The steps I'm using even allow you to choose which branches and tags to include.
Let’s call the original repository ORI and the new one NEW, here are the steps I took to copy everything from ORI to NEW:
  1. Create a local repository in the temp-dir directory using:
    git clone <url to ORI repo> temp-dir
  2. Go into the temp-dir directory.
  3. To see a list of the different branches in ORI do:
    git branch -a
  4. Checkout all the branches that you want to copy from ORI to NEW using:
    git checkout branch-name
  5. Now fetch all the tags from ORI using:
    git fetch --tags
  6. Before doing the next step make sure to check your local tags and branches using the following commands:
    git tag
    git branch -a
  7. Now clear the link to the ORI repository with the following command:
    git remote rm origin
  8. Now link your local repository to your newly created NEW repository using the following command:
    git remote add origin <url to NEW repo>
  9. Now push all your branches and tags with these commands:
    git push origin --all
    git push --tags
  10. You now have a full copy from your ORI repo.

Extra:

If you want to simply copy the entire repository you can use
    git clone --mirror <url to ORI repo> temp-dir
to replace steps 1 to 5.
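
A check worth running after step 9, before the ORI repository is retired, is to confirm that every branch and tag in NEW points at the same commit hash as in ORI. The script below is an added example, not part of the original post: it uses the mirror-clone variant from "Extra", and the function names migrate_repo and refs_match are hypothetical.

```shell
#!/bin/sh
# Added example: migrate a repository, then verify the copy ref by ref.
# migrate_repo and refs_match are hypothetical helper names.

# Mirror-clone ORI ($1) into a scratch directory ($3) and push all branches
# and tags to NEW ($2). Pass absolute paths or URLs.
migrate_repo() {
    git clone --quiet --mirror "$1" "$3" || return 1
    (
        cd "$3" || exit 1
        git remote rm origin &&
        git remote add origin "$2" &&
        git push --quiet origin --all &&
        git push --quiet origin --tags
    )
}

# Print "<hash><TAB><ref>" for every branch and tag, sorted by ref name.
# Annotated tags also yield a peeled "refs/tags/x^{}" line, so both the tag
# object and the commit it points to are compared.
list_refs() {
    refs=$(git ls-remote --heads --tags "$1") || return 2
    printf '%s\n' "$refs" | sort -k2
}

# Return 0 if both repositories expose identical branches and tags,
# 1 if they differ (the differing refs go to stderr), 2 on a git error.
refs_match() {
    a=$(mktemp) && b=$(mktemp) || return 2
    if list_refs "$1" >"$a" && list_refs "$2" >"$b"; then
        if cmp -s "$a" "$b"; then rc=0; else rc=1; diff "$a" "$b" >&2 || true; fi
    else
        rc=2
    fi
    rm -f "$a" "$b"
    return "$rc"
}
```

Call `refs_match <url to ORI repo> <url to NEW repo>` once the push has finished; a non-zero exit status means a branch or tag is missing or points at a different commit.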

Wednesday, 5 July 2017

Configure JBoss AS 7.1.1 as Windows service


RUN AS SINGLE SERVICE
We can create a Windows service to run JBoss 7.1.1 Final.
Follow the steps below to create it.
1)      To create the Windows service we need the files below:
·         jbosssvc.exe
·         jbossweb.x64.exe
·         jbosswebw.x64
·         service.bat

2)      These files are not present in the C:\jboss-as-7.1.1.Final\bin directory.
3)      So we need to download these files from the link below.

Select the download for your operating system. I am using 64-bit Windows 7,
so I downloaded the bundle below:

binaries 2.0.10-windows x64 (jboss-native 2.0.10 zip bundles), 1.5M, 2011-08-10, LGPL

Unzip this bundle; it contains:
C:\jboss-native-2.0.10-windows-x64-ssl\
\bin
\licenses
4)      Copy all files and folders from the bin directory C:\jboss-native-2.0.10-windows-x64-ssl\bin\
to C:\jboss-as-7.1.1.Final\bin
All 4 files above and 1 native folder are now available in C:\jboss-as-7.1.1.Final\bin
5)      run.bat and shutdown.bat are not present in C:\jboss-as-7.1.1.Final\bin, so:

Instead of run.bat, use
standalone.bat
Instead of shutdown.bat, use
jboss-cli.bat

6)      Rather than editing service.bat directly, create a copy of it named
serviceAS.bat
and modify serviceAS.bat as required.

7)      Open serviceAS.bat, go to lines 20, 21 and 22, and update them:

set SVCNAME=JBOSSASONE
set SVCDISP=JBOSSASONE
set SVCDESC=JBoss Application Server 7.1.1 Final GA/Platform: Windows x64

8)      Go to line 26 and change it as below:
set JAVA_OPTS=-Xrs  -Xms1024M  -Xmx1024M

9)      Go to line 55 and change it as below, so that it refers to serviceAS.bat instead of service.bat:

jbosssvc.exe -imwdc %SVCNAME% "%DIRNAME%" "%SVCDISP%" "%SVCDESC%" serviceAS.bat

10)   Go to lines 75 and 104 and update them as below:

call standalone.bat  < .r.lock >> run.log 2>&1

As mentioned above, we are using standalone.bat instead of run.bat.

11)   The bin folder of JBoss Application Server 7.1.1 Final has no shutdown.bat,
so use jboss-cli.bat instead.
Go to lines 84 and 94 and update them as below:


call jboss-cli.bat --connect controller=127.0.0.1:9999 command=:shutdown >> shutdown.log 2>&1



We can also run the above command manually from a command prompt to stop the service:

C:\jboss-as-7.1.1.Final\bin> jboss-cli.bat --connect controller=127.0.0.1:9999 command=:shutdown;

You will get output like the following:

Shutting down JBOSSASONE [2013-12-26 17:18:26]
{"outcome" => "success"}
Shutdown JBOSSASONE service [2013-12-26 17:18:28]


I have assumed the default local host controller address, 127.0.0.1, and 9999, which is the default management port.

All the changes to the serviceAS.bat file are now complete.

INSTALLATION AS A WINDOWS SERVICE
With all the changes made in serviceAS.bat, we can now install the Windows service with the command below:


C:\jboss-as-7.1.1.Final\bin>serviceAS.bat install
Installed  JBOSSASONE
Service JBOSSASONE installed


STARTING WINDOWS SERVICE

We are using Windows 7.
1)  Open the Windows management console using Run.
Click the Start button and type service in the Run or search text box.
The Services option now appears at the top; click on it.
We can also reach it through Task Manager.


2)      In the Windows management console, find our service and change the startup type from Manual to Automatic, which ensures that the JBoss AS 7 service starts automatically whenever the system boots.
3)      Click Start service; the status will change to Started.
4)      To stop the service, click the Stop link in the Windows management console.
5)      We can also stop the service with a command:
C:\jboss-as-7.1.1.Final\bin>serviceAS.bat stop
6)      If the server does not shut down or stop properly through the service, we can run the command below from a command prompt to stop it.


C:\jboss-as-7.1.1.Final\bin> jboss-cli.bat --connect controller=127.0.0.1:9999 command=:shutdown;

You will get output like the following:

Shutting down JBOSSASONE [2013-12-26 17:18:26]
{"outcome" => "success"}
Shutdown JBOSSASONE service [2013-12-26 17:18:28]

Reference: http://knowledgespreading.blogspot.com.au/2013/12/jboss-711-final-run-as-windows-service.html