My question is what is the need of single sign on in J2EE applications.
We can configure session context in the application server (server.xml file) , so that all the applications will save the session cookie id in the same place. So that we can use the user login session in all the places.
The concept of a single sign-on is better explained by Wikipedia:
Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.
Have a look at the link below to get a better understanding about the process.
Wiki
Cheers,
Raj.
Dilip Ganesh
Greenhorn
Joined: Sep 30, 2011
Posts: 24
posted
0
Thank you so much for your kind and quick reply
Dilip.
Tim Moores
Rancher
Joined: Sep 21, 2011
Posts: 2407
posted
0
Note that you may have to use SSO even for different web apps running on the same server. I think sharing contexts between web apps on the same server is a feature of a particular servlet container, and not mandated by the servlet specification.
Dilip Ganesh
Greenhorn
Joined: Sep 30, 2011
Posts: 24
posted
0
Tim Moores wrote:Note that you may have to use SSO even for different web apps running on the same server. I think sharing contexts between web apps on the same server is a feature of a particular servlet container, and not mandated by the servlet specification.
Thank you for your reply
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to
run our stuff on 16 servers instead of 3.
0
