aspose file tools*
The moose likes JSF and the fly likes session sharing between two different application Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Java » JSF
Bookmark "session sharing between two different application" Watch "session sharing between two different application" New topic
Author

session sharing between two different application

Kumar Gaurav
Ranch Hand

Joined: Apr 08, 2008
Posts: 108
Hi All,

There are two different web app A and B running on different linux box+jboss.

A is our main application and User is getting authenticated before he/she can access the application.

webpages from application B are being shown in application A using iframe :

<iframe src="url_webpage_app_B" />

Problem is since both application are running on different server and differnt machine how can we share session

and seesion attribute in both application like:

1)how to authenticare user on app B when he is trying to access it from app A after being authenticated to access app A.

2) Also how to manage session timeout on both application in sync means if session is timeout on app A , it should be timed out at app B also.


i am using jsf, richface and jboss.


Regards,
Gaurav
Punit Jain
Ranch Hand

Joined: Aug 20, 2011
Posts: 1001
    
    2
i think you are asking for this:
SSO
Kumar Gaurav
Ranch Hand

Joined: Apr 08, 2008
Posts: 108
No. It does not serve the purpose as it is clear from problem statement.
Punit Jain
Ranch Hand

Joined: Aug 20, 2011
Posts: 1001
    
    2
if i am not going wrong,
you was saying that, if user a has already logged in/ authenticated on machine A, now if he accessed the data of Machine B, he should be authenticated for machine B as well, he should not asked for authentication for machine B also.
if i am right,
sso:- Providing a single sign-on, so that users can access multiple accounts and applications with a single password, eliminates the need for multiple passwords for users and simplifies management of user accounts and passwords for system administrators.
Kumar Gaurav
Ranch Hand

Joined: Apr 08, 2008
Posts: 108
Punit,

I appreciate your response but when i saw the jboss sso link that you have shared across, it is clearly mentioned that all applications should share same domain which is not the same in my case.

What i am looking to achieve is same i.e. SSO and also session sync up between various applications for a given user at a given time.

Please let me know if any thing else i need to tell you.

Punit Jain
Ranch Hand

Joined: Aug 20, 2011
Posts: 1001
    
    2

it is clearly mentioned that all applications should share same domain which is not the same in my case.

okay...
Tim Holloway
Saloon Keeper

Joined: Jun 25, 2001
Posts: 16303
    
  21

There are actually 3 components to this problem:

1. Shared security. You want the authentication to be done before the apps are invoked and for that security realm to be then propagated to the apps. That is SSO (Single Signon).

2. You want to share the same user session between the 2 separate webapps.

3. You want to physically embed the output of one user webapp in the display of the other webapp.

SSO can be provided by using an SSO Tomcat security realm to JBoss. Tomcat is the embedded webapp server component used by JBoss. JBoss adds the missing J2EE stack components, such as EJBs, and jacks the Tomcat security Realm into them.

Sharing a session between 2 different webapps is a Tomcat application configuration option and I commend you to the kind mercies of the Tomcat and JBoss documentation.

Embedding output is the trickiest part. JSF doesn't take too kindly to frames. A better solution would be to use a standard JSR-288/JSR-238 Portal server such as LifeRay and deploy that into JBoss.


Customer surveys are for companies who didn't pay proper attention to begin with.
Kumar Gaurav
Ranch Hand

Joined: Apr 08, 2008
Posts: 108
Thanks Tim.

I will gather my thoughts and will think on the lines you have suggested.
 
jQuery in Action, 2nd edition
 
subject: session sharing between two different application