aspose file tools*
The moose likes Tomcat and the fly likes Shared Security Contexts? Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Spring in Action this week in the Spring forum!
JavaRanch » Java Forums » Products » Tomcat
Bookmark "Shared Security Contexts?" Watch "Shared Security Contexts?" New topic
Author

Shared Security Contexts?

Kelly Dolan
Ranch Hand

Joined: Jan 08, 2002
Posts: 109
Is there any way to configure JBoss/Tomcat or a deployment such that:

a) 2 wars within the same ear share the same security context, and
b) wars within different ears do not share the same security context?

I'm familiar with the <valve> element in server.xml in Tomcat referencing the SingleSignOn class. This provides for (a) but not (b).

Thanks!
amit taneja
Ranch Hand

Joined: Mar 14, 2003
Posts: 810
I'm familiar with the <valve> element in server.xml in Tomcat referencing the SingleSignOn class. This provides for (a) but not (b).


what is single SingleSignOn class ? what stuff ur talking about ?


Thanks and Regards, Amit Taneja
Kelly Dolan
Ranch Hand

Joined: Jan 08, 2002
Posts: 109
I'm sorry but I don't know enough to really provide details. The only thing I know (because I was told) is when the SingleSignOn class is "turned on" in Tomcat's configuration, the following behavior occurs:

1. User accesses web application A.
2. Web application A requires user to authenticate.
3. User accesses web application B.
4. Web application B trusts credentials entered in #2 (and therefore does not re-authenticate user).

The problem I am facing is that I want the above to be true for a set but not all of web applications deployed in JBoss/Tomcat.

If you want to dig deeper, I suggest going to the Tomcat documentation. The server.xml file that contains the reference to the SingleSignOn class is found in the \deploy\jbossweb-tomcat50.sar folder. The configuration looks like the following and is by default, commented out.

<Valve className="org.apache.catalina.authenticator.SingleSignOn" debug="0"/>

Hope this helps...
Bear Bibeault
Author and ninkuma
Marshal

Joined: Jan 10, 2002
Posts: 61415
    
  67

Moved to the Tomcat forum.


[Asking smart questions] [Bear's FrontMan] [About Bear] [Books by Bear]
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Shared Security Contexts?