aspose file tools*
The moose likes Security and the fly likes Form and basic authentication issue Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Form and basic authentication issue" Watch "Form and basic authentication issue" New topic
Author

Form and basic authentication issue

Eshwar Prasad
Ranch Hand

Joined: Mar 21, 2008
Posts: 202
I am developing a new application A implementing form based authentication for user login. However, there is also an existing application B which is already developed with BASIC Authentication.

Both of these connect to same AD through LDAP.

Now, the issue is, if user wants to access both the application. For example, if I login to application A and accessing B will automatically authenticate and provide access without providing the pop up for the user.

The question is how to handle this scenario. Does the ldap user session remains across the browser once login?
William P O'Sullivan
Ranch Hand

Joined: Mar 28, 2012
Posts: 860

That depends.

Are these cross-domain?

You could store data in session and check for it in B.

Better yet, use something SSO based like CAS, and let it do the heavy lifting for you.

WP
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Form and basic authentication issue
 
Similar Threads
How to secure web resources by using MS Active Directory as LDAP Server?
Authentication with LDAP
Swing client communication...
EJB and Security (JAAS)
LDAP authentication + filter + redirect = mess