Using JAAS Login module - shared state map problem - please help
posted 11 years ago
I came across this article on devx.com I am looking for some single sign on solution. However, after reading the article and trying a few stuff, I still have lots of doubt in my mind. Can anybody help me in solving my problem by answering a few questions? Here goes the current implementation details abt user authentication – 1. We have a web application (say A) that talks to a service layer for user authentication and authorization. 2. The service layer is implemented using EJBs. The EJB talks to LDAP directory. The LDAP directory stores users, roles and permissions. 3. Now we have a second web application (say B) running in the same or some times different container as B. There exists a link from application A to got to application B. However, for application B, user has to login again. 4. The EJB uses JAAS Login module that talks to LDAP. Now how can I use the shared state map to support single sign on? This map stores the username and password and passes it to the next login module. However, in my case, I have only one login module used by all applications. In addition, that map can store only one user name at a time as the key of the map is javax.security.auth.login.name. so how can I support multiple user at a time?
Can you please guide me in this respect? Any help would be highly appreciated.