tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sridharmnj <>
Subject Single sign on issue with Tomcat and Apache
Date Tue, 03 Jun 2008 20:52:22 GMT

I am integrating two websites using single sign on. I have two sites namely and

When a user navigates from, as he is already authenticated in it, he
should be allowed to without asking the credentials again. This is
my requirement. is based on Tomcat Form based authentication and working fine.'s static data is deployed on apache and it requires apache BASIC
authentication (htttd, and .htaccess). And dynamic data is deployed on
Tomcat and based on Tomcat BASIC authentication.

If I access static data of, it first asks for credentials (Using a
popup), authenticates using mod_auth_mysql, and once the user is
authenticated, it is storing credentials in browser cache. When I navigate
to dynamic content which is in tomcat, still its working without asking
credentials twice. (I ensured that <realm-name> in web.xml and AuthName in
.htaccess file are same). 

I enabled SingleSignOn valve in server.xml file, and trying to access from When I try to access dynamic data of from, as both are based on Tomcat security, they are sharing the browser
cached credentials. (Though one is based on form and another is based on
basic authentication model). But, when I try to access's static data
(which is in apache) from, again its asking credentials, using a
popup. is an old project which was developed around 9 yrs ago and I am not
allowed to modify/reengineer the architecture. 

Could any one please guide me in right direction. I appreciate your help.

View this message in context:
Sent from the Tomcat - User mailing list archive at

To start a new topic, e-mail:
To unsubscribe, e-mail:
For additional commands, e-mail:

View raw message