Hi, I had to solve a similar problem a while ago. The solution I found was a small Servlet that I deployed in the other webapps. This Servlet used a RequestDispatcher to dispatch the login/... requests to the login servlet of the main webapp.
However, as far as I remember, the redirect back to the page the client had originally requested, does not work without modifications in the FormAuthenticator, as the FormAuthenticator does only save the context relative part of the URL. Regards, Matthias > -----Original Message----- > From: Jiri Walek [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 19, 2007 12:14 AM > To: 'Tomcat Users List' > Subject: RE: Shared form authentication when using SingleSignOn > > I have forgot to attach some details: > * embeded apache-tomcat-5.5.16-embed.tar.gz running in > eclipse 3.1 runtime > platform > * java 1.5 > * both winxp server, linux .... > > Best, > Jiri > > -----Original Message----- > From: Jiri Walek [mailto:[EMAIL PROTECTED] > Sent: Wednesday, July 18, 2007 11:58 PM > To: users@tomcat.apache.org > Subject: Shared form authentication when using SingleSignOn > > Hello, > > please, consider the situation: > > We have a product that consists of several web applications > deployed to > embedded tomcat container. > All the web applications share the same realm (configured on > engine level) > and use the SingleSignOn valve. > > engine.setRealm(polarionRealm); > engine.getPipeline().addValve(new SingleSignOn()); > > The main web application is configured to use the > FormAuthenticator. The > login/logout pages work well for that application. > > So when user access the main web application and when he/she > is properly > authenticated than when accessing the other web applications > the principal > is properly passed to the other web application and user is > not asked to log > in again. > > Now the problem is: how should we configure the other web > application to use > the login/logout support of the main web application. In the > web.xml one can > specify login/logout actions but they are context relative. > > <!-- Login configuration uses form-based authentication --> > <login-config> > <auth-method>FORM</auth-method> > <realm-name>PolarionRealm</realm-name> > <form-login-config> > <form-login-page>/login/login</form-login-page> > <form-error-page>/login/error</form-error-page> > </form-login-config> > </login-config> > > Is there any standard pattern how to reach the goal that the > login/logout > support is implemented on one place (idealy in one very small > webapp) and so > many applications can share the auth context using > SingleSignOn valve and > the login webapp? > > Best, > Jiri Walek > Polarion Software > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > --------------------------------------------------------------------- > To start a new topic, e-mail: users@tomcat.apache.org > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To start a new topic, e-mail: users@tomcat.apache.org To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
