how to implement single sign on for applications deployed in sun glass fish server
Joined: Oct 07, 2010
Iam using sun glass fish server and have deployed 3 applications in it. I need to implement single sign on for 2 applications and not for the third one. two applications are inter related and i do not want the user to login seperately for those two application.
For login authentication we use our own logic like checking the user name and password from db and if valid authenticate the user and direct him to the index page from login page. I googled to see how to implement SSO and found these points:
To configure single sign-on, set the following properties in the virtual-server element of the domain.xml file:
sso-enabled - If false, single sign-on is disabled for this virtual server, and users must authenticate separately to every application on the virtual server. The default is true.
sso-max-inactive-seconds - Specifies the time after which a user's single sign-on record becomes eligible for purging if no client activity is received. Since single sign-on applies across several applications on the same virtual server, access to any of the applications keeps the single sign-on record active. The default value is 5 minutes (300 seconds). Higher values provide longer single sign-on persistence for the users at the expense of more memory use on the server.
sso-reap-interval-seconds - Specifies the interval between purges of expired single sign-on records. The default value is 60.
Here is an example configuration with all default values: