My application has a few domains, each of them containing web modules (WARs).
Currently, I use basic authentication as an authentication method.
Once a user successfully logged in to one of the domains, he can go on to another domain without having to do basic auth again.
I thought that this behavior is caused by a trust between the domains, but after checking it out, I found that there's no trust configured.
Anyway, I need to "upgrade" my auth method to form-based authentication.
I changed all the web.xml descriptors and wrote the forms for the authentication, and they all work.
The problem is that now every time I want to navigate to a page located in a different web module, I need to pass form auth again,
unlike previously with the basic auth.
Does anyone have a clue why that happens and how I can work this around?
Thanks in advance,
subject: Cross Domain Security with Form Authentication