Hello Everyone, I am working on two different web based applications installed on two seperate servers. On both the systems, I do normal username validation and store the name in session variable. I want to link both the systems in such a way that if a user logs in on first application, he should have direct access to the application from the second site. can anyone help me in this plz. ? The servers are on Linux O/S with Apache/Tomcat. regards rakesh
two web applications can't share any scopes (not servletContext, not httpSession). hmmmm what if you store some information in a DB -- and when you transfer the user to the other app, you also send a key. When you look up that key in the DB, you'll see the user is currently logged in, and can grab their info from that DB? Granted -- you'll have to find a way of doing the above securely. But that's the only reason I can think to share info between the two web apps.
Granted -- you'll have to find a way of doing the above securely. ------------------ I use MD5 strings as cookies for that kind of thing. Two cookies, one with the user's name, then one with the MD5 of "<string><privateknownconstant>". It is more secure if the private constant is <string> dependent. For example, say I want to pass the string "johndoe", and know for sure I passed it. I will set one cookie as "johndoe". I will set another cookie as the md5 of "123johndoes-privatekey". On the recieving side, I put "johndoe" through md5 with string value of the "private key" and see if they match. It they match, then I know I set the cookie, and the value is probably ok. -Pete
Joined: Feb 22, 2003
Thanx both of you for the reply. One thing which I have not followed is about MD5 String (Cookie ?). As far as I understand, If I set a cokie from one W/Server, that cookie cannot be used by second W/Server. So, how do you think this problem can be solved ?? Can you elaborate more on this please ??? thanx Rakesh
Joined: Jan 04, 2002
I am stretching a bit. I actually pass with a URL from one site to another although I pass between webapps in the same server using cookies like I explained. I have not actually done the following, but is there a reason why you can't do Cookie.setDomain("other domain")? (For all I know there may be...) Hope that helps, -Pete