aspose file tools*
The moose likes BEA/Weblogic and the fly likes Cross Domain Security with Form Authentication Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login

Win a copy of EJB 3 in Action this week in the EJB and other Java EE Technologies forum!
JavaRanch » Java Forums » Products » BEA/Weblogic
Bookmark "Cross Domain Security with Form Authentication" Watch "Cross Domain Security with Form Authentication" New topic

Cross Domain Security with Form Authentication

Alon Cohen

Joined: Dec 02, 2010
Posts: 3
My application has a few domains, each of them containing web modules (WARs).
Currently, I use basic authentication as an authentication method.
Once a user successfully logged in to one of the domains, he can go on to another domain without having to do basic auth again.
I thought that this behavior is caused by a trust between the domains, but after checking it out, I found that there's no trust configured.

Anyway, I need to "upgrade" my auth method to form-based authentication.
I changed all the web.xml descriptors and wrote the forms for the authentication, and they all work.

The problem is that now every time I want to navigate to a page located in a different web module, I need to pass form auth again,
unlike previously with the basic auth.

Does anyone have a clue why that happens and how I can work this around?

Thanks in advance,
I agree. Here's the link:
subject: Cross Domain Security with Form Authentication
Similar Threads
Tomcat Realms not working between apps with FORM
How to share value between mutiple war files?
JBoss 5.1 authentication problem (works in JBoss 4.2.3)
FORM and BASIC authentication in the same web app
Redirect to the requested page failed using form-based authentication