ramprasad madathil wrote:We have recently implemented something of this sort using Weblogic and SAML.
Edit : Reading the original post again, I see that you have mentioned that these apps are connected through SSO. It's a little puzzling because why would a set of apps connected through SSO need to ask (within that group) for authetication again? Isnt that what SSO means?
A user session would exist between the client (IE) and which ever component it formed a connection to. But when my application uses a service on behalf of the client the session only exists between it and my app, any onways connections would in effect be different user session (between my app and a service), that service doesn't know about the client, e.g. if and what access should be granted.