Thanks for the tip and thanks for responding :-) Is the SSO functionality easy to setup? The only issue I have is that all the sessions within the container will be invalidated. Do you know if there is a way to override this behavior? Since there could be other webapps running, this behavior maybe not desirable.
I also found out that I can send attributes from the JetspeedFusionPortlet . When I set an attribute in this class the filter that I have in the struts webapp can see this attribute so I can send some unique id for a user to the struts webapp. Seems like a hack...what do you think of this approach? Any ideas? I know this extra work and implementation. I guess if the SSO does not solve all my problems I may have to resort to this avenue. I still have to verify if it works completely.... Thanks once again for your precious time, Regards, Archana -----Original Message----- From: news [mailto:[EMAIL PROTECTED] On Behalf Of Aaron Evans Sent: Wednesday, October 19, 2005 7:18 AM To: jetspeed-user@jakarta.apache.org Subject: Re: HELP!! Jetspeed 1.6-Fusion question Archana Turaga <Archana.Turaga <at> intervoice.com> writes: > I already have a custom logout action. Do you mean I can somehow invoke > a invalidate on the session that belongs to the struts webapp from > within the Jetspeed logout action. The struts webapp that I have does > not have any logout action in it. Could you please give some more > pointers or elaborate on what you mentioned here? > The solution here is to enable tomcat's SSO functionality. With SSO enabled, there is an SSO session (with its own cookie) that spans all applications in the same container and it holds references to the sessions for a particular user in each app. When a session times out, then the SSO session stays intact so long as there is at least one other valid application session. However, when you call session.invalidate on an application session, then the SSO session invalidates all other application sessions and destroys itself. If you need to implement additional logic when an application session times out or is invalidated, implement the HttpSessionListener interface and register it in your application (within your web.xml). HTH, aaron --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] This e-mail transmission may contain information that is proprietary, privileged and/or confidential and is intended exclusively for the person(s) to whom it is addressed. Any use, copying, retention or disclosure by any person other than the intended recipient or the intended recipient's designees is strictly prohibited. If you are the intended recipient, you must treat the information in confidence and in accordance with all laws related to the privacy and confidentiality of such information. If you are not the intended recipient or their designee, please notify the sender immediately by return e-mail and delete all copies of this email, including all attachments. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
