Announcement Announcement Module
No announcement yet.
one auth for multiple applications Page Title Module
Move Remove Collapse
This topic is closed
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • one auth for multiple applications

    Hi, I have 5 applications and want to make a single login. One of my application's authentication is made with Spring-Acegi architecture.Others are older applications and are authenticated with a single form username-password authentication(they are older applications and used actively and can't risk to change their architecture). I want to make a single login and send the username and password tokens as request parameters(or are there any other ways?). I wonder if I make a pre-application with Acegi security which accepts username ,password and the application to login, and securely redirect them(with username and password tokens) to the application selected.

  • #2
    It's impossible to get single sign on working across your five applications without changing the applications OR using a native web container single sign on solution. You could also use BASIC authentication if they all present the same realm name, which delivers a form of automatic SSO.

    Your ideal outcome is to install Yale CAS. Acegi Security supports it. It has some libraries to help use it with stock-standard Java webapps IIRC. That would give you the best outcome overall, and scale to multiple web servers and an unlimited number of webapps. Additionally, you could deal with proxy chains if needed (as discussed in CAS documentation).