I've been told our working application must coexist with other
applications using BASIC authentication, the same domain name and a
shared authentication store to achieve single sign on (SSO).

 

Our application has been working fine without IIS or Apache sitting in
front of it.  The application is almost entirely dynamic so I didn't
feel a need before.

 

Now that we've thrown the switch on our QA tier the SSO is not working.
The other application seems to generate a key to store the
authentication in the browser of "qa.ourserver.com", while our
application generates a key of "qa.ourserver.com:80".  The browser then
treats these as separate domains.  I do not see anywhere in the config
files where this is set.

 

Q1: Can I configure Tomcat to not include the ":80" at the end of the
domain name?

Q2: Should I configure Tomcat to run behind the same IIS the other
application runs behind?

 

I'm developing in Java and the other application is developed in C## and
.net.

 

Q3: If the BASIC authentication solution weren't already dictated, what
would the preferred SSO solution be?

 

Any additional insight is also appreciated.

 

Thanks!

-Steve-

 

Reply via email to