I have done much reading on multiple sites and found some dated info about my problem and I was wondering if there were better answers now that a few years have passed. I apologize if this question has been asked on this forum, but I did make an effort to find a similar thread.
Oracle 9i appserver and database
We currently run an aging application that is slowly being rewritten. One of the main problems of the old application is the entire business application is lumped into one application.
For example, if we had a problem with one of the areas such as accounting, all of our divisions (HR, purchasing, etc.) would have to be stopped because of accounting.
In future development they would like each 'department', if you will, to have its own container, so in other words accounting would be container1, HR would be 2, etc.
The main problem I am coming across is certain employees will need to go back and forth between some of these applications because they work in multiple departments.
I usually store Employee ID information in the session when they log in so they can be authorized as they move around, but the sessions do not share information if the container is switched.
For example: Application 1 -- User signs in and authenticates, loads ID info, loads other info
User decides to use Application 2 linked from Application 1 (in a separate container) -- all ID info is gone, now it must be reloaded or reauthenticated.
In the forums the information I have read says that most app servers DO NOT support a way to share session information between containers, but I can't imagine our company is the first to try to implement something of this nature.
So how have people been getting around this problem?
You might need a framework for a single sign-on security feature. Check this out: Java Open Single Sign-On Project
SCJP, SCWCD, SCJWS, IBM 700, IBM 701, IBM 704, IBM 705, CA Clarity Technical
http://eddyleesinti.blogspot.com
Joined: Nov 24, 2003
Thank you for the reply, but unfortunately we currently have a custom-built single sign-on application for our environment that needs to be used. It handles most of our application-level roles as well, so this is not an option.
Truthfully, I need to find a way to use what is in the session and 'move' it to another session.
Eddy Lee Sin Ti
Joined: Oct 06, 2005
My suggestions include:
1. Put the security tokens into a more global location (such as an entity bean or a DB) where multiple containers can look them up.
2. Implement your own session serialization mechanism between containers. This mechanism can be as simple as serializing the session contents into XML or Java serialization (if the destination container is also Java-based) and transferring it to the container. You can create a servlet to handle such cross-container requests.
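An added example, not part of the original thread or any poster's code: one way to carry the employee ID from application 1 to application 2 along the lines of suggestion 2, with the serialized value protected by an HMAC and an expiry so the receiving servlet can reject altered or stale handoffs. The class and method names are hypothetical, and it assumes Java 8 or later (for `java.util.Base64`) and a secret key provisioned to both containers.

```java
import javax.crypto.Mac;
import javax.crypto.spec.SecretKeySpec;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.util.Base64;

// Hypothetical helper (not from the thread): container 1 issues a short-lived,
// HMAC-signed handoff token; container 2 verifies it before creating its own session.
public class SessionHandoff {
    private static final Base64.Encoder ENC = Base64.getUrlEncoder().withoutPadding();
    private static final Base64.Decoder DEC = Base64.getUrlDecoder();

    private static byte[] hmac(byte[] key, byte[] data) throws Exception {
        Mac mac = Mac.getInstance("HmacSHA256");
        mac.init(new SecretKeySpec(key, "HmacSHA256"));
        return mac.doFinal(data);
    }

    // Called in application 1 when the user follows the link to application 2.
    public static String issue(String employeeId, byte[] key, long nowMs, long ttlMs) throws Exception {
        byte[] payload = (employeeId + "|" + (nowMs + ttlMs)).getBytes(StandardCharsets.UTF_8);
        return ENC.encodeToString(payload) + "." + ENC.encodeToString(hmac(key, payload));
    }

    // Called by the receiving servlet in application 2. Returns the employee ID,
    // or null if the token is malformed, tampered with, or expired.
    public static String verify(String token, byte[] key, long nowMs) throws Exception {
        String[] parts = token.split("\\.");
        if (parts.length != 2) return null;
        byte[] payload, sig;
        try {
            payload = DEC.decode(parts[0]);
            sig = DEC.decode(parts[1]);
        } catch (IllegalArgumentException e) { return null; }
        // Constant-time comparison of the expected and presented MAC.
        if (!MessageDigest.isEqual(hmac(key, payload), sig)) return null;
        String[] fields = new String(payload, StandardCharsets.UTF_8).split("\\|");
        if (fields.length != 2 || nowMs > Long.parseLong(fields[1])) return null;
        return fields[0];
    }

    public static void main(String[] args) throws Exception {
        byte[] key = "constructed-demo-key-not-for-production".getBytes(StandardCharsets.UTF_8);
        String token = issue("E12345", key, 1_000_000L, 30_000L); // constructed sample ID
        System.out.println(verify(token, key, 1_010_000L));        // within the 30 s window
        System.out.println(verify(token, key, 1_040_000L));        // after expiry
        System.out.println(verify("x" + token, key, 1_010_000L));  // altered payload
    }
}
```

After a successful `verify`, the receiving servlet would create its own session and load roles from the existing sign-on system rather than trusting anything else in the request. A token remains replayable until it expires, so keep the lifetime short and send the link over HTTPS.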