jQuery in Action, 3rd edition
The moose likes Security and the fly likes Form and basic authentication issue Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Engineering » Security
Bookmark "Form and basic authentication issue" Watch "Form and basic authentication issue" New topic

Form and basic authentication issue

Skanda Raman
Ranch Hand

Joined: Mar 21, 2008
Posts: 205

I am developing a new application A implementing form based authentication for user login. However, there is also an existing application B which is already developed with BASIC Authentication.

Both of these connect to same AD through LDAP.

Now, the issue is, if user wants to access both the application. For example, if I login to application A and accessing B will automatically authenticate and provide access without providing the pop up for the user.

The question is how to handle this scenario. Does the ldap user session remains across the browser once login?

William P O'Sullivan
Ranch Hand

Joined: Mar 28, 2012
Posts: 859

That depends.

Are these cross-domain?

You could store data in session and check for it in B.

Better yet, use something SSO based like CAS, and let it do the heavy lifting for you.

I agree. Here's the link: http://aspose.com/file-tools
subject: Form and basic authentication issue
jQuery in Action, 3rd edition