Hi,
Iam using sun glass fish server and have deployed 3 applications in it. I need to implement single sign on for 2 applications and not for the third one. two applications are inter related and i do not want the user to login seperately for those two application.
For login authentication we use our own logic like checking the user name and password from db and if valid authenticate the user and direct him to the index page from login page. I googled to see how to implement SSO and found these points:
To configure single sign-on, set the following properties in the virtual-server element of the domain.xml file:
sso-enabled - If false, single sign-on is disabled for this virtual server, and users must authenticate separately to every application on the virtual server. The default is true.
sso-max-inactive-seconds - Specifies the time after which a user's single sign-on record becomes eligible for purging if no client activity is received. Since single sign-on applies across several applications on the same virtual server, access to any of the applications keeps the single sign-on record active. The default value is 5 minutes (300 seconds). Higher values provide longer single sign-on persistence for the users at the expense of more memory use on the server.
sso-reap-interval-seconds - Specifies the interval between purges of expired single sign-on records. The default value is 60.
Here is an example configuration with all default values:
...
<property name="sso-enabled" value="true"/>
<property name="sso-max-inactive-seconds" value="450"/>
<property name="sso-reap-interval-seconds" value="80"/>
</virtual-server>
i did this in my servers domain.xml file. but it does not seam to work. again i googled and came across this point
Single sign-on applies to web applications configured for the same realm and virtual server. The realm is defined by the realm-name element in the web.xml file.
What is realm and how do i set that in my web applications web.xml.
to implement sso in my applications is this what i have to do or is there anything else which i need to follow. i referred this link
http://flyingspheres.blogspot.com/2008/02/single-sign-on-with-glassfish.html
Please guide me