O2OA supports o2Server itself as OAUTH server, also supports O2Server as a client access to other OAUTH servers.
In this case, we take O2Server itself as OAUTH server, which is also the usual configuration scheme. O2Server has complete organization personnel information and is put into collaborative office.
A, O2OA related configuration
Log in to O2OA as an administrator:
And open system Settings:
Add an OAUTH configuration to the OAUTH client configuration area:
Fill in the following:
Configuration contents:
Customer Number (ClientId) : OpenMeetings
Customer key: OpenMeetings
Aping
{ login:(return person.getMobile() + '_ys';) firstname:(return person.getName();) lastname:(return '';) email:(return person.getMobile() + '[email protected]';) country:(return 'CN';) salutation:(return person.getGenderType().toString() == 'm' ? '1', '2') }Copy the codeNotice that in the configuration, the user information associated with O2OA and OpenMeetings is mobile, that is, the mobile phone number. The system automatically registers the user name with the mobile phone number plus “_ys” in the OpenMeetings system. You can change the user name as required.
After filling in, save, as shown below.
2. Openmeetings configuration
Log in to Openmeetings as an administrator:
Click administrator-oauth:
The interface is as shown below:
Fill in the corresponding configuration in the right OAUTH2 Config, as shown below:
Redirect URL: https://localhost:5443/openmeetings/oauth/1 the 1 here is refers to the number of configuration, this line can’t edit, automatically generated when save, need to modify the information for the correct IP or domain name.
Modify application.base.url information
The modification method is as follows:
Click ADMINISTRATOR – Configuration Information to query system configuration
Find configuration information:
Modify the configuration information and save it.
Continue to configure sso after the modification.
The configuration is as follows:
Name: O2OA link icon: http://172.16.1.48/favicon.ico_ customer id: password: openmeetings_ customers openmeetings redirect URL: https://172.16.93.9:5443/openmeetings/oauth/1 request key: http://172.16.1.48/x_desktop/oauth2.html? Redirect_uri ={$redirect_URI}&response_type=code&client_id={$client_id}Request token method: http://172.16.1.48:20020/x_organization_assemble_authentication/jaxrs/oauth/token request token attributes: code={$code}&client_id={$client_id}&client_sceret={$client_secret}&redirect_uri={$redirect_uri}&grant_type=authorization _codeRequest info method: GET request information website: http://172.16.1.48:20020/x_organization_assemble_authentication/jaxrs/oauth/info? access_token={$access_token}Copy the codeUser mapping:
Mapping description:
OM User attribute
OAuth User attribute
instructions
firstname
firstname
address.email
login
login
The Login account, which corresponds to the Login in the O2OA configuration, must match the Login name in the Openmeetings user
lastname
lastname
address.country
country
Verifying the Configuration
Open Openmeetings, we find an O2OA authentication component on the login interface, as shown in the picture below:
After clicking, it will jump to O2OA login page:
After logging in to the OpenMeetings system using the O2OA registered user, the system will jump back to the OpenMeetings system and complete the user registration. (Please do not log in as the Xadmin user. Without the mobile phone number, the sso will not succeed.)
The sso configuration is complete.