Win a copy of The Java Performance Companion this week in the Performance forum!
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic

Servlet communication between different applications

 
Emerald D'souza
Greenhorn
Posts: 5
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi,
sorry if this was posted earlier, i tried searching but didnt know exactly what to type,since there are 100's of posts on servlet comm.

i have three seperate web applications (each with its individual webcontent,web.xml etc) basically they are independent applications. Currently all the HTML files communicate with servlets within the application only(there is no cross application interaction). Now i have to implement a login module for all of these, so that if a user does a login in one application he should be considered logged in in the other two applications also. How do i implement this?
is there a way apart from using cookies. maybe have the servlets communicate directly.

Can i implement the login part as a separate web application?
please suggest me ideas. thanks in advance.
 
Bear Bibeault
Author and ninkuma
Marshal
Pie
Posts: 64973
86
IntelliJ IDE Java jQuery Mac Mac OS X
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
The term to search for is "single sign on" or "single signon".
 
Reza Ravasizadeh
Ranch Hand
Posts: 177
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
There are some dirty way to handle your signle sign on solution and some clean way to handle it. Cleanest way is to use single sign on tools.
but as dirty way you can use same persistence(Database/file) mapping for Authentication, or using web service on each part to assist Web Apps interact with each other.
 
Gladwin Burboz
Greenhorn
Posts: 25
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Single sign on tools are expensive and hard to understand. If you want to try this dirty solution let me know what you think about it.

1. Create a web application which acts as single sign on (sso) server application.
2. You may still have individual login screen with each web app or you can have it on sso app.
3. Each time user is authenticated, sso app should be notified about it by invoking it's URL so that sso app saves this info.
4. SSO app returns you a key (to be used as cookie value), set this as cookie on client such that all of your apps will receive this cookie.
5. Now on any of your app if client is not authenticated they will not get the cookie and should be directed to login page.
6. If we receive a cookie, verify it against sso app by invoking it's URL.
7. If sso app gives positive response, user is authenticated.
8. If sso app gives negative reponse, user is not authenticated.
 
  • Post Reply
  • Bookmark Topic Watch Topic
  • New Topic