Jul 26th, 2012, 05:42 AM
Authorize on two or more web applications simultaneously
Can you please give me a hint on how to authorize a user on a few web applications at the same time?
- - WAR 1 (example.com/)
- - WAR 2 (example.com/shop/)
- - ...
- - WAR n (example.com/forum/)
Every WAR is a Spring (+Security) based application. The user is authenticated and authorized on WAR 1. When he switches to any other WAR, he has to pass authentication again. How to bypass it?
Jul 26th, 2012, 08:24 AM
Use an SSO solution (Single Sign-On)... You pass an SSO token around which is checked with the server.
Jul 26th, 2012, 09:58 AM
Thanks for the reply. Do you know any non-server-specific SSO solution(s)? I will be grateful for the links.
Jul 26th, 2012, 10:58 AM
I suggest Google, and I don't quite understand your non-server-specific part... The whole point of SSO is to be server agnostic, else it beats the purpose of SSO (SSO is broader than web applications!).
Jul 26th, 2012, 12:11 PM
Sorry for my bad language. I mean "not 'server-specific'", because the only reasonable SSO solution that I can find is to use the SSO Valve for Tomcat/JBoss. So it would be great to find a more versatile way. Can you help with this?
Also, I found that a "remember-me" cookie can help, but this hack breaks the standard "remember me" functionality. Too bad.
Or maybe I can programmatically log in the user in all my Spring Security guarded applications when he authorizes in one of them?
Jul 26th, 2012, 04:01 PM
I think you want a "server-specific" solution, as all of your web apps are deployed on the same app server, let alone the same EAR. Do not confuse "server-specific" with vendor lock-in. The SSO Valve for Tomcat, the LTPA cookie for WebSphere, etc. all work the same way. The container will populate the request.getUserPrincipal for you. You can use Spring's J2eePreAuthenticatedProcessingFilter to leverage this.
If you want true SSO across different domains, you would have to use CAS or SAML or some other proprietary vendor (i.e. SiteMinder). This is way more difficult.
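The container-based setup described in the last reply, sketched as configuration fragments. This is an added example, not posted by anyone in the thread; it assumes Tomcat with all WARs on one Host and the Spring Security 3.1 XML namespace, and the role name ROLE_USER and the login page paths are placeholders.

```xml
<!-- (1) Tomcat conf/server.xml, inside <Host>: one container login is shared
     by every WAR on this host. All WARs must authenticate against the same
     Realm, so define the Realm at Engine or Host level, not per Context. -->
<Valve className="org.apache.catalina.authenticator.SingleSignOn" />

<!-- (2) WEB-INF/web.xml of EACH WAR: the container performs the login.
     ROLE_USER and the login pages are placeholders (assumptions). -->
<security-constraint>
  <web-resource-collection>
    <web-resource-name>app</web-resource-name>
    <url-pattern>/*</url-pattern>
  </web-resource-collection>
  <auth-constraint>
    <role-name>ROLE_USER</role-name>
  </auth-constraint>
</security-constraint>
<login-config>
  <auth-method>FORM</auth-method>
  <form-login-config>
    <form-login-page>/login.jsp</form-login-page>
    <form-error-page>/login-error.jsp</form-error-page>
  </form-login-config>
</login-config>
<security-role>
  <role-name>ROLE_USER</role-name>
</security-role>

<!-- (3) Spring Security context of EACH WAR (security schema as the default
     namespace). <jee> registers J2eePreAuthenticatedProcessingFilter, which
     takes the user from request.getUserPrincipal() and keeps only the
     container roles listed in mappable-roles. No Spring login form is
     configured: a request without a container principal is rejected. -->
<http>
  <intercept-url pattern="/**" access="ROLE_USER" />
  <jee mappable-roles="ROLE_USER" />
</http>

<!-- The namespace expects a global authentication manager; it stays empty
     because the pre-authenticated provider is added by <jee>. -->
<authentication-manager />
```

With this layout the container's session cookie is the only credential, so Spring Security trusts whatever principal the container supplies; keep the container role list in `mappable-roles` as narrow as each WAR needs.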