• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
  • Campbell Ritchie
  • Ron McLeod
  • Rob Spoor
  • Tim Cooke
  • Junilu Lacar
  • Henry Wong
  • Liutauras Vilda
  • Jeanne Boyarsky
Saloon Keepers:
  • Jesse Silverman
  • Tim Holloway
  • Stephan van Hulst
  • Tim Moores
  • Carey Brown
  • Al Hobbs
  • Mikalai Zaikin
  • Piet Souris

Single Sing-in Strategy for Forum, Bog, Wiki

Ranch Hand
Posts: 2378
MySQL Database Spring Java
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
I will be building a web site as a volunteer for an IT professionals group where I want to use some open source forum, blog, wiki software written in Java to keep my development time minimal. I have chosen the following components.

Forum - JSForum
Blog - JRoller
Wiki - VeryQuickWiki
Hosting - Java Pipe (They provide Tomcat web hosting)
Event Calendar - I will code it myself with some other additional pages.

I would like to know what should be my optimal single sing-in strategy in this scenario. I want my users to register in my site once and with that username/password he should be able to post messages in forum, edit some wiki topic, open a blog of his own etc.

One way to do this would be, to use forum's database as the primary user database and use one kind of interceptor that checks every request/response for user session and if not found redirects to login page of forum or my custom login page finally to be authenticated with the forum database. In that case, all the user details of wiki and blogs must be the same as in the forum or must be synchronized. Seems a little bit overwork...

Any idea how to do it in a clean way? Thanks in advance.
(instanceof Sidekick)
Posts: 8791
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Your interceptor idea sounds similar to commercial products like SiteMinder. You could have a stand-alone authentication application and essentially disable authentication in all the other apps. When a request comes in...

I've seen a home-made system do this with filters.

BTW: This is "Identity 1.0". See Dick Hardt's presentations ... Do You Know Dick? and Who's the Dick on Your Site? for some other ideas.
With a little knowledge, a cast iron skillet is non-stick and lasts a lifetime.
    Bookmark Topic Watch Topic
  • New Topic