File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Form and basic authentication issue Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Soft Skills this week in the Jobs Discussion forum!
JavaRanch » Java Forums » Engineering » Security
Bookmark "Form and basic authentication issue" Watch "Form and basic authentication issue" New topic
Author

Form and basic authentication issue

Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

I am developing a new application A implementing form based authentication for user login. However, there is also an existing application B which is already developed with BASIC Authentication.

Both of these connect to same AD through LDAP.

Now, the issue is, if user wants to access both the application. For example, if I login to application A and accessing B will automatically authenticate and provide access without providing the pop up for the user.

The question is how to handle this scenario. Does the ldap user session remains across the browser once login?

Skanda
William P O'Sullivan
Ranch Hand

Joined: Mar 28, 2012
Posts: 859

That depends.

Are these cross-domain?

You could store data in session and check for it in B.

Better yet, use something SSO based like CAS, and let it do the heavy lifting for you.

WP
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Form and basic authentication issue