This week's book giveaway is in the OO, Patterns, UML and Refactoring forum. We're giving away four copies of Refactoring for Software Design Smells: Managing Technical Debt and have Girish Suryanarayana, Ganesh Samarthyam & Tushar Sharma on-line! See this thread for details.
I have 2 war files running on the same web server. There is a login jsp page in the first war. When the user login through the login page, how can I pass the userid to the second war (for example, pass the first web application userid to the session of second web application)?
There are many single sign on solution, for example you can use Netegrity products. However I use very simple solution, when a user logged in first war it stores user login information in a small file and setup its name as a cookie value with domain scope. When a user hits second war it looks for a cookie value and if it's here, then opens a file and reads credentials. Instead of file you can use a global static map, unless your servlet container provides a good isolation.
1) Store the data in a database. This would have an advantage that you could use the information even if you moved your applications to separate machines that didn't have access to the same file system. Code this to an interface and you can hide your storage mechanism.
2) Put a class of yours in the server level classloader and use a static variable (Map?) to store the information. This way any application running on this server could access the same information.
Whatever solution you choose I would code to an interface which will allow you the flexibility of switching between the above 3 mentioned implementations (save to file, save to db, store in static instance).
I solved similar problem once. Check if my ideas solves your problem.
I was asked to use same authentication information of one Web Application(say "webApp1") in another web Applcation(say "webApp2")which was running on same or different server. I did in this way,
I have an authentication information of a user for webApp1 with me. I am sending this information by encoding in URL request to the webApp2. But here webApp2 is maintaining sessions(and there was no session for the given user in webApp2), hence it took me to the login page of webApp2, which shouldn't. Hence I written another similar login class file in webApp2 but this time that class creates a session (by redirecting the request to browser)with the authentication information (encoded in URL).
In that way I solved my problem. As I didn't have much time then, I haven't explored the servlet container capabilites regarding this. Explore in that direction also.