Win a copy of Think Java: How to Think Like a Computer Scientist this week in the Java in General forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

About encodeRedirectURL

 
Amol H Lekurwale
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
I have two applications deployed on two different servers. My process is to let user request to the application on server A, authenticate him and then redirect him to Server B application. Can I send the session object created on Server A to Server B, containing the user data, using the encodeRedirectURL method?
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Session Can not be shared between two web application. pass the user information as QueryString
 
Seetharaman Venkatasamy
Ranch Hand
Posts: 5575
Eclipse IDE Java Windows XP
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
and welcome to javaranch Amol
 
Amol H Lekurwale
Greenhorn
Posts: 9
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
seetharaman venkatasamy wrote:and welcome to javaranch Amol


Thanks seetharaman.
In that case, wont it be a security issue. I guess query string will be like www.xyz.com?a=b&c=d. So, lets say i login the user on one app, and redirect him to some other, passing the credentials as parameters, I cant make a POST request, instead i am making a simple get request. So isnt there any way that the communication between the two applications be made secure?
 
Ulf Dittmer
Rancher
Posts: 42967
73
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
While sessions can't be shared between web apps, it is possible to require only a single login for multiple web apps. It's called SSO (Single Sign-On), and you can find some Java implementations in the http://faq.javaranch.com/java/SecurityFaq#web-apps page.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic