File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Security and the fly likes Form and basic authentication issue Big Moose Saloon
  Search | Java FAQ | Recent Topics
Register / Login


Win a copy of The Mikado Method this week in the Agile and other Processes forum!
JavaRanch » Java Forums » Engineering » Security
Reply Bookmark "Form and basic authentication issue" Watch "Form and basic authentication issue" New topic
Author

Form and basic authentication issue

Eshwar Prasad
Ranch Hand

Joined: Mar 21, 2008
Posts: 191
posted private message
0
Quote
I am developing a new application A implementing form based authentication for user login. However, there is also an existing application B which is already developed with BASIC Authentication.

Both of these connect to same AD through LDAP.

Now, the issue is, if user wants to access both the application. For example, if I login to application A and accessing B will automatically authenticate and provide access without providing the pop up for the user.

The question is how to handle this scenario. Does the ldap user session remains across the browser once login?
William P O'Sullivan
Ranch Hand

Joined: Mar 28, 2012
Posts: 860

I like...
Chrome IBM DB2 Java
posted private message
0
Quote
That depends.

Are these cross-domain?

You could store data in session and check for it in B.

Better yet, use something SSO based like CAS, and let it do the heavy lifting for you.

WP
 
I agree. Here's the link: http://ej-technologies/jprofiler - if it wasn't for jprofiler, we would need to run our stuff on 16 servers instead of 3.
 
subject: Form and basic authentication issue
 
Similar Threads
Swing client communication...
How to secure web resources by using MS Active Directory as LDAP Server?
EJB and Security (JAAS)
Authentication with LDAP
LDAP authentication + filter + redirect = mess