• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Jeanne Boyarsky
  • Ron McLeod
  • Paul Clapham
  • Liutauras Vilda
Sheriffs:
  • paul wheaton
  • Rob Spoor
  • Devaka Cooray
Saloon Keepers:
  • Stephan van Hulst
  • Tim Holloway
  • Carey Brown
  • Frits Walraven
  • Tim Moores
Bartenders:
  • Mikalai Zaikin

Single Signon with JAAS/SAML

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I have three types of application in my system...
1. Web application (browser-based)
2. Java application
3. C++/vb application
All log in will be handle by a login web service. Thus, if I log into the C++ application, it will access the login web service. If the user has been authenticated by logging into the C++ application, how can I allow the user to access the web application without having to sign in again (i.e. single sign-on across web applications and non-browser applications).
I was thinking that I'll pass the workstation identification back to the server and the server will return something that indicates whether the user has been authenticated on this workstation already. But I am worried that this can be a security hole...
Any ideas will be welcomed.
thanks,
 
Greenhorn
Posts: 24
Eclipse IDE Firefox Browser Java
  • Likes 1
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
One best option is to use SAML and OpenSAML libraries. Google is doing the same for its apps.
Once you will login from your any application then a key will be set and if you tried to access another application it will allow you to access because of that key.
 
Consider Paul's rocket mass heater.
reply
    Bookmark Topic Watch Topic
  • New Topic