On 8/6/04 9:49 AM, "George Armhold" <[EMAIL PROTECTED]> wrote:
> I'm wondering if someone could suggest what might be a "best practice" > for implementing single-sign-on for Tomcat/Axis. I have an app that > is partially web-based (servlets and JSPs), and partially Swing-based. > The Swing portion talks to the server over SOAP using Axis. I'd like > the user to be able to log in once, and have his session carry over > from the web half to the Swing/SOAP half, and vice-versa. I have a > couple of "DIY" approaches in mind, but I would like to know if there > is something standard out there. > > The first DIY approach that comes to mind is to have Axis/SOAP > implement the true login "session", and make the servlets log in via > SOAP as well. Then the servlets pass SOAP session IDs to any Swing > clients they launch via JNLP. This sounds possible, albeit kind of > kludgy. Is there a more standard solution? > > Thanks. We're getting ready to use a SSO product called Cams from CafeSoft to accomplish something similar. It works with a variety of application servers, including Tomcat. http://www.cafesoft.com DJH ________________________________________________________________ This message could have been secured by PGP Universal. To secure future messages from this sender, please click this link: https://keys.pgp.com/b/[EMAIL PROTECTED]
