To: Tomcat Users List
Subject: Re: Using Single Sign on to access another webapp.
Date: Fri, 08 Jul 2005 06:48:44 -0400
One way to do SSO is to utilize a cookie (lets call it SSO, and to be
really secure - it should only be transfered over https). The existence of
a cookie says the person mi
Take a look at
http://tp.its.yale.edu/tiki/tiki-index.php?page=CentralAuthenticationService
Tim Funk escribió:
One way to do SSO is to utilize a cookie (lets call it SSO, and to be
really secure - it should only be transfered over https). The
existence of a cookie says the person might be l
One way to do SSO is to utilize a cookie (lets call it SSO, and to be really
secure - it should only be transfered over https). The existence of a cookie
says the person might be logged in. The value of the cookie needs to be
checked. The value of the cookie shold NOT be the user id. It can b
Check this for a way to implement this with Tomcat (you must use 5.5 ore
higher, though):
http://weblogs.java.net/blog/wholder/archive/2005/02/session_session.html
Or this is a solution I found with an external authentication server:
http://www.developertutorials.com/tutorials/java/single-sign-o
Dear List,
We are using Tomcat 4.1.xx. We are NOT using the built in security framework
which comes with TC. In the login.jsp page the user/password is validated by
an external organisation wide process, which returns simply true or false.
If the user is valid, the user is forwarded to the app
