Two Laptop Bag
The moose likes Security and the fly likes Building a Single Sign on application from scratch Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Head First Android this week in the Android forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Building a Single Sign on application from scratch" Watch "Building a Single Sign on application from scratch" New topic
Author

Building a Single Sign on application from scratch

yan yan
Greenhorn

Joined: Aug 01, 2007
Posts: 16
Hi there!

I badly need help. I am task to do a Single Sign on application across multiple web applications. Each web application with their own authentication mechanism. The Single sign on application will be authenticating from an OID LDAP server which i can do so far.
My probem is how can i bypass/skip the login page of each web application. I am thinking of supplying encrypted username and password automatically by passing these parameters to URL with POST method.
What i am thinking is mimicking the behavior of logging in programmatically. Can I do that?

Please help. Thanks a lot.
Ulf Dittmer
Rancher

Joined: Mar 22, 2005
Posts: 42956
    
  73
Maybe the server you're using supports SSO? For instance, Tomcat does, and I would imagine that others do as well. You might also look intro projects like CAS, JOSSO and OpenSSO (all linked in the Security FAQ).
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: Building a Single Sign on application from scratch
 
It's not a secret anymore!