This week's book giveaways are in the Refactoring and Agile forums.
We're giving away four copies each of Re-engineering Legacy Software and Docker in Action and have the authors on-line!
See this thread and this one for details.
Win a copy of Re-engineering Legacy Software this week in the Refactoring forum
or Docker in Action in the Cloud/Virtualization forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

How to share value between mutiple war files?

 
Cathy Jin
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I have 2 war files running on the same web server. There is a login jsp page in the first war. When the user login through the login page, how can I pass the userid to the second war (for example, pass the first web application userid to the session of second web application)?


Any idea? Thanks.
 
D Rog
Ranch Hand
Posts: 472
Linux Objective C Ubuntu
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are many single sign on solution, for example you can use Netegrity products. However I use very simple solution, when a user logged in first war it stores user login information in a small file and setup its name as a cookie value with domain scope. When a user hits second war it looks for a cookie value and if it's here, then opens a file and reads credentials. Instead of file you can use a global static map, unless your servlet container provides a good isolation.
 
Aarti Mehta
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
sorry just checking
 
steve souza
Ranch Hand
Posts: 862
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
A couple other things you could do:

1) Store the data in a database. This would have an advantage that you could use the information even if you moved your applications to separate machines that didn't have access to the same file system. Code this to an interface and you can hide your storage mechanism.

2) Put a class of yours in the server level classloader and use a static variable (Map?) to store the information. This way any application running on this server could access the same information.

Whatever solution you choose I would code to an interface which will allow you the flexibility of switching between the above 3 mentioned implementations (save to file, save to db, store in static instance).
 
Sai Krishna Chitta
Greenhorn
Posts: 12
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I solved similar problem once. Check if my ideas solves your problem.

I was asked to use same authentication information of one Web Application(say "webApp1") in another web Applcation(say "webApp2")which was running on same or different server. I did in this way,

I have an authentication information of a user for webApp1 with me. I am sending this information by encoding in URL request to the webApp2. But here webApp2 is maintaining sessions(and there was no session for the given user in webApp2), hence it took me to the login page of webApp2, which shouldn't. Hence I written another similar login class file in webApp2 but this time that class creates a session (by redirecting the request to browser)with the authentication information (encoded in URL).

In that way I solved my problem. As I didn't have much time then, I haven't explored the servlet container capabilites regarding this. Explore in that direction also.

Thanks
Sai Krishna
 
Eddy Lee Sin Ti
Ranch Hand
Posts: 135
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
If both of your web applications reside in the same server, then both of the web applications can be within the same protection domain boundary if you declare them in web.xml. For example:

Application 1 and 2 web.xml:


You can use FORM authentication, instead of BASIC authentication if you need to provide your own user interface for the login.

I'm using Tomcat UserDatabaseRealm for the authentication user information, but you can using JdbcRealm if you need to lookup those information in a database.

If you are using other servers, i believe that they would have similar facility for this, because the concept of protection domain boundary is a standard for servlet container.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic