tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From <DUDG...@britbio.co.uk>
Subject RE: single login form for single sign on
Date Thu, 22 Mar 2001 08:34:26 GMT
> > So in essense the question is: Is there a way to specify a 
> "global" login
> > and error page that will be used by all webapps?
> > 
> 
> No.  Each web application is still a stand-alone entity.
> 
> What single sign on support does for you is remember that 
> you've signed on
> already.  You are still using whatever login mechanism is 
> defined for each
> individual web app.  They don't even have to all use the same approach
> (some could be BASIC, some could be FORM, for example).
> 

What's the thinking behind this? Single sign on would imply having, at least
the option of having a single login page, even if an individual web
application could override the default and provide its own (for instance I
guess webdav can't use FORM, so would have to override a FORM default to use
BASIC/DIGEST).

Having to define login for each we application:
1. provides a maintenance problem if you do want a common login page across
all webapps
2. begins to enter into "using my password for something I haven't approved
it to be used for" teritory. i.e. the login page says you are logging into
webapp1, but in fact your login will be used for webapp2. A single login
page would tell you you are logging into both.

Hence my initial question - is this just the way it has been done, or does
the Spec say it must be done that way etc.?

Many thanks

Tim

--------------------------------------------------------
Tim Dudgeon <dudgeon@britbio.co.uk>



--------------------------------------------------
DISCLAIMER: This message contains proprietary
information some or all of which may be
confidential and/or legally privileged. It is for
the intended recipient only who may use and apply
the information only for the intended purpose.
Internet communications are not secure and
therefore the British Biotech group does not
accept legal responsibility for the contents of
this message. Any views or opinions presented are
only those of the author and not those of the
British Biotech group. If you are not the intended
recipient please delete this e-mail and notify the
author immediately by calling ++44 (0)1865 748747;
do not use, disclose, distribute, copy, print or
rely on this e-mail.

Mime
View raw message