Announcement Announcement Module
Collapse
No announcement yet.
Best approach for SSO on 2 web apps Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Best approach for SSO on 2 web apps

    Hi, I've been searching the last day or so on the best approaches for using SSO for 2 web apps. We have 2 separate wars that are deployed to the same container. We would like to make it so the user signs on once. I should point out, users do not go directly to the 2nd app, rather it is embedded in an iframe in the 1st web app. I was able to get SSO using BASIC authentication, but do not like that fact that users can't really log out. I've looked at CAS but feel that is a bit too much for our 2 apps. We don't plan on adding anymore.

    I've been looking at the Spring Security API to see if maybe we could write a custom filter or something along those lines. I was thinking if we were able to get the session id to the 2nd app, it could just verify its a legitimate session id, and log the user in. I'm not sure if that's possible (not to mention if that would be considered a secure approach.)

    We are hoping to avoid having to configure another web application.

    Thanks

  • #2
    Have you looked at the Spring Security - SAML extension?

    Comment


    • #3
      Thanks for the reply. I've started looking at SAML and it seems along the lines of the CAS solution, more configuration. I was hoping we could avoid any more configuration at all possible.

      Comment


      • #4
        Hi

        I'm interested in this but the page about it is blank

        http://static.springsource.org/sprin...aml/index.html

        Any ideas where to find good documentation?

        cheers, john

        Comment


        • #5
          I am not sure if this is still the most current, but the documentation can be found with the source code. It might be worth a post to the SAML forum to verify...

          http://forum.springsource.org/showth...y-availability

          Comment

          Working...
          X