Building a Server
I’ve grown quite fond of the open source applications I’ve been working with over the years. Wordpress (the engine behind this blog) is all done in PHP under Apache and uses MySQL for the back end. WebProtege (a wonderful ontology editor from Standford) uses a servlet container for it’s collaboration magic - I like Tomcat alot. Given that I wanted these two applications to be managed from the same space, I dug a little and found a vendor that provide Apache and private Tomcat services.
I tend to go way overboard sometimes and this time is no fairly typical. For years, I’ve wanted to work in the above environment but in a local offline way. From my early days of researching into internet technologies, I wanted to set up an environment whereby I could develop on a “development” server and then “promote” to production. Recently, I began to construct a VirtualPC server to provide the development server function. This server uses Microsoft Windows XP (that’s the OS I know best). I installed Apache 2.2 and it listens on port 80 just like any webserver. Also, I installed Tomcat 6.0 and it listens on port 8080. I use mod_jk to hook up the two application servers so to the end user all web applications look like they’re in the same space.
I’m programming offline against this VirtualPC (yes it is very responsive this way). I modified my Hosts file so clients applications/browsers always think they’re talking to “www.slholmes.org” even though they’re talking to a computer that is running locally in a virtual machine. (VirtualPC networking was tricky but it boiled down to setting up Microsoft’s Loopback Network Adapter).
Once I got some sample apps (including WordPress) running under both PHP (Apache) and Java (Tomcat), I realized that the applications I planned to deployed would all have security accounts, authentication and authorization requirements. I dug a little and found Josso - Java Open Single Sign On. Josso is a security system divided into two main components. The first component is a Gateway which is a web service that runs under Tomcat. The other component is a set of Agents that “front-end” web applications to provide authentication and authorization services.
Today, after much configuration, head scratching and research, I successfully logged into a sample PHP web application, then switched over to a protected Tomcat application. Josso did the heavy lifting, realized I was already logged in and presented the protected Tomcat application without requiring me to log in again under some other context. This is two completely different webapp technologies using the same security engine.
Next steps. As I mentioned, WordPress uses MySQL as the backend. WordPress also has a fairly elaborate “Account” sub-system. I’m going to attempt to hook up Josso to the WordPress authorization sub-system and see how far I can get. I would like to offer up “accounts” for registered users so they can write their own blogs and work with the other web applications all on the same system. We’ll see how far I can get.