I'm familiar with the <valve> element in server.xml in Tomcat referencing the SingleSignOn class. This provides for (a) but not (b).
what is single SingleSignOn class ? what stuff ur talking about ?
Thanks and Regards, Amit Taneja
Joined: Jan 08, 2002
I'm sorry but I don't know enough to really provide details. The only thing I know (because I was told) is when the SingleSignOn class is "turned on" in Tomcat's configuration, the following behavior occurs:
1. User accesses web application A. 2. Web application A requires user to authenticate. 3. User accesses web application B. 4. Web application B trusts credentials entered in #2 (and therefore does not re-authenticate user).
The problem I am facing is that I want the above to be true for a set but not all of web applications deployed in JBoss/Tomcat.
If you want to dig deeper, I suggest going to the Tomcat documentation. The server.xml file that contains the reference to the SingleSignOn class is found in the \deploy\jbossweb-tomcat50.sar folder. The configuration looks like the following and is by default, commented out.