tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ben Bookey" <>
Subject Using Single Sign on to access another webapp.
Date Fri, 08 Jul 2005 10:19:35 GMT
Dear List,

We are using Tomcat 4.1.xx. We are NOT using the built in security framework 
which comes with TC. In the login.jsp page the user/password is validated by 
an external organisation wide process, which returns simply true or false. 
If the user is valid, the user is forwarded to the application JSP pages. 
The user can not access the application pages at will, because the pages 
check to see if a particular session flag is checked.

Now my problem. I have been asked to assess if single sign On (SSO) could be 
used to create a URL link to another similar webapp's JSP page (TC with no 
security framework), where the user doesnt need to login for a second time. 
There is not so much info. about SSO around, but from what I gather it 
persists login info. inside a session which is passed between web 
applications. My first problem is that "my application" never knows what the 
password is.  Can anyone see a possibilty of using SSO for me, allowing 
direct access to another webapps JSP page with out re-login ?

Would really appreciate any help on this. Especially ones with info. more 
than simply "No" ;-)

kind regards,
p.s. might be that the 2nd app has to create a web-service or something to 
provide the information for us!!

To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message