Need of Single-Sign-on

Hi to all,

My question is what is the need of single sign on in J2EE applications.

We can configure session context in the application server (server.xml file) , so that all the applications will save the session cookie id in the same place. So that we can use the user login session in all the places.

Please help me

Thanks in advance

Consider the case when web applications are hosted on different servers.

Google permits single sign-on extensively. It permits you to logon to other sites as well without having to re-enter your login credentials.

Cheers,
Raj.

Thanks for your quick reply.

So if the application was hosted on the same server we no need the single sing on?

Thanks again

Dilip

The concept of a single sign-on is better explained by Wikipedia:

Single sign-on (SSO) is a property of access control of multiple related, but independent software systems. With this property a user logs in once and gains access to all systems without being prompted to log in again at each of them. Single sign-off is the reverse property whereby a single action of signing out terminates access to multiple software systems.

Have a look at the link below to get a better understanding about the process.
Wiki

Cheers,
Raj.

Thank you so much for your kind and quick reply

Dilip.

Note that you may have to use SSO even for different web apps running on the same server. I think sharing contexts between web apps on the same server is a feature of a particular servlet container, and not mandated by the servlet specification.

Tim Moores wrote:Note that you may have to use SSO even for different web apps running on the same server. I think sharing contexts between web apps on the same server is a feature of a particular servlet container, and not mandated by the servlet specification.

Thank you for your reply