wood burning stoves 2.0*
The moose likes Servlets and the fly likes Single Sign-On to IIS from J2EE Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Murach's Java Servlets and JSP this week in the Servlets forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Single Sign-On to IIS from J2EE" Watch "Single Sign-On to IIS from J2EE" New topic
Author

Single Sign-On to IIS from J2EE

Ajay Kambhampati
Greenhorn

Joined: Oct 07, 2003
Posts: 3
I have 2 web sites. The first one is hosted in J2EE server and the second one is hosted on IIS. I am trying a Single-Sign On from the first web app to the second web app. How do we do this?
I am trying to set response.setHeader() in my JSP. But this is not working. I am not even sure if the headers are right.
Thanks,
Ajay
Kripal Singh
Ranch Hand

Joined: Jul 26, 2001
Posts: 254
i think you are trying to integrate .net and j2ee platforms . have a look at borland Janeva
http://www.borland.com/janeva/


# Help an unprivileged kid.<br /> Whatever u do will make a difference...<br /> ...to a child's life & ur own #<br /><a href="http://www.cry.org/" target="_blank" rel="nofollow">www.cry.org/</a>
Stan James
(instanceof Sidekick)
Ranch Hand

Joined: Jan 29, 2003
Posts: 8791
Commercial products like Netegrity do this stuff by inserting a filter (terminology varies by web server) in front of normal processing. In very general terms ... the filter looks for an authentication token in the HTTP request. It checks the token against its own server (not the two web servers you're securing) and either allows the request to go through or redirects the browser to a log-in page. So if you log in and get the token, you can then go to any other web server. Your apps never have to be aware of the token, so less work. The filter adds a context of some kind to the request which your app can query to get user identity and any authorization information the security subsystem might hold.
My level of exposure to this is barely deeper than reading the market literature. Anybody have real details? Is it something one could try to write instead of buy?


A good question is never answered. It is not a bolt to be tightened into place but a seed to be planted and to bear more seed toward the hope of greening the landscape of the idea. John Ciardi
 
Consider Paul's rocket mass heater.
 
subject: Single Sign-On to IIS from J2EE
 
Similar Threads
Single Sign On
More on HttpSessionBindingListener?
Access protected resource (j_security_check)
Single Sign On & HTTP Headers
Path issues with my webapp