| Author |
Shared Security Contexts?
|
Kelly Dolan
Ranch Hand
Joined: Jan 08, 2002
Posts: 103
|
|
Is there any way to configure JBoss/Tomcat or a deployment such that:
a) 2 wars within the same ear share the same security context, and
b) wars within different ears do not share the same security context?
I'm familiar with the <valve> element in server.xml in Tomcat referencing the SingleSignOn class. This provides for (a) but not (b).
Thanks!
|
 |
amit taneja
Ranch Hand
Joined: Mar 14, 2003
Posts: 806
|
|
I'm familiar with the <valve> element in server.xml in Tomcat referencing the SingleSignOn class. This provides for (a) but not (b).
what is single SingleSignOn class ? what stuff ur talking about ?
|
Thanks and Regards,<br />Amit Taneja
|
|
Kelly Dolan
Ranch Hand
Joined: Jan 08, 2002
Posts: 103
|
|
I'm sorry but I don't know enough to really provide details. The only thing I know (because I was told) is when the SingleSignOn class is "turned on" in Tomcat's configuration, the following behavior occurs:
1. User accesses web application A.
2. Web application A requires user to authenticate.
3. User accesses web application B.
4. Web application B trusts credentials entered in #2 (and therefore does not re-authenticate user).
The problem I am facing is that I want the above to be true for a set but not all of web applications deployed in JBoss/Tomcat.
If you want to dig deeper, I suggest going to the Tomcat documentation. The server.xml file that contains the reference to the SingleSignOn class is found in the \deploy\jbossweb-tomcat50.sar folder. The configuration looks like the following and is by default, commented out.
<Valve className="org.apache.catalina.authenticator.SingleSignOn" debug="0"/>
Hope this helps...
|
|
Bear Bibeault
Author and ninkuma
Marshal
Joined: Jan 10, 2002
Posts: 56233
|
|
|
Moved to the Tomcat forum.
|
[Smart Questions] [JSP FAQ] [Books by Bear] [Bear's FrontMan] [About Bear]
|
|
 |
|
|
subject: Shared Security Contexts?
|
|
|
0
