wood burning stoves 2.0
The moose likes Servlets and the fly likes Servlet communication between different applications Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of Java Interview Guide this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » Servlets
Bookmark "Servlet communication between different applications" Watch "Servlet communication between different applications" New topic

Servlet communication between different applications

Emerald D'souza

Joined: Jan 31, 2008
Posts: 5
sorry if this was posted earlier, i tried searching but didnt know exactly what to type,since there are 100's of posts on servlet comm.

i have three seperate web applications (each with its individual webcontent,web.xml etc) basically they are independent applications. Currently all the HTML files communicate with servlets within the application only(there is no cross application interaction). Now i have to implement a login module for all of these, so that if a user does a login in one application he should be considered logged in in the other two applications also. How do i implement this?
is there a way apart from using cookies. maybe have the servlets communicate directly.

Can i implement the login part as a separate web application?
please suggest me ideas. thanks in advance.
Bear Bibeault
Author and ninkuma

Joined: Jan 10, 2002
Posts: 63874

The term to search for is "single sign on" or "single signon".

[Asking smart questions] [About Bear] [Books by Bear]
Reza Ravasizadeh
Ranch Hand

Joined: Jun 08, 2004
Posts: 177
There are some dirty way to handle your signle sign on solution and some clean way to handle it. Cleanest way is to use single sign on tools.
but as dirty way you can use same persistence(Database/file) mapping for Authentication, or using web service on each part to assist Web Apps interact with each other.

Gladwin Burboz

Joined: Feb 26, 2008
Posts: 25
Single sign on tools are expensive and hard to understand. If you want to try this dirty solution let me know what you think about it.

1. Create a web application which acts as single sign on (sso) server application.
2. You may still have individual login screen with each web app or you can have it on sso app.
3. Each time user is authenticated, sso app should be notified about it by invoking it's URL so that sso app saves this info.
4. SSO app returns you a key (to be used as cookie value), set this as cookie on client such that all of your apps will receive this cookie.
5. Now on any of your app if client is not authenticated they will not get the cookie and should be directed to login page.
6. If we receive a cookie, verify it against sso app by invoking it's URL.
7. If sso app gives positive response, user is authenticated.
8. If sso app gives negative reponse, user is not authenticated.

<a href="http://www.sealordresortarnala.com" target="_blank" rel="nofollow">http://www.sealordresortarnala.com</a>
I agree. Here's the link: http://aspose.com/file-tools
subject: Servlet communication between different applications
It's not a secret anymore!