We integrated Jforum with one application within a single ear. After logging into application, user will click the Jforum link and user should be able to access Jforum. We are using Acegi to store user after authentiction. Acegi puts all user profile information in session.I found different approaches in documentation to achieve SSO. We have no cookies in our application. Which is the best approach to get SSO. If we use request.getRemoteUser() how will it pick up user info from session dynamically.