• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other Pie Elite all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Tim Cooke
  • Campbell Ritchie
  • Ron McLeod
  • Junilu Lacar
  • Liutauras Vilda
Sheriffs:
  • Paul Clapham
  • Jeanne Boyarsky
  • Henry Wong
Saloon Keepers:
  • Tim Moores
  • Tim Holloway
  • Stephan van Hulst
  • Piet Souris
  • Carey Brown
Bartenders:
  • Jesse Duncan
  • Frits Walraven
  • Mikalai Zaikin

session sharing between two different application

 
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Hi All,

There are two different web app A and B running on different linux box+jboss.

A is our main application and User is getting authenticated before he/she can access the application.

webpages from application B are being shown in application A using iframe :

<iframe src="url_webpage_app_B" />

Problem is since both application are running on different server and differnt machine how can we share session

and seesion attribute in both application like:

1)how to authenticare user on app B when he is trying to access it from app A after being authenticated to access app A.

2) Also how to manage session timeout on both application in sync means if session is timeout on app A , it should be timed out at app B also.


i am using jsf, richface and jboss.
 
Ranch Hand
Posts: 1143
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
i think you are asking for this:
SSO
 
Kumar Gaurav
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
No. It does not serve the purpose as it is clear from problem statement.
 
Punit Jain
Ranch Hand
Posts: 1143
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
if i am not going wrong,
you was saying that, if user a has already logged in/ authenticated on machine A, now if he accessed the data of Machine B, he should be authenticated for machine B as well, he should not asked for authentication for machine B also.
if i am right,
sso:- Providing a single sign-on, so that users can access multiple accounts and applications with a single password, eliminates the need for multiple passwords for users and simplifies management of user accounts and passwords for system administrators.
 
Kumar Gaurav
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Punit,

I appreciate your response but when i saw the jboss sso link that you have shared across, it is clearly mentioned that all applications should share same domain which is not the same in my case.

What i am looking to achieve is same i.e. SSO and also session sync up between various applications for a given user at a given time.

Please let me know if any thing else i need to tell you.

 
Punit Jain
Ranch Hand
Posts: 1143
5
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator


it is clearly mentioned that all applications should share same domain which is not the same in my case.


okay...
 
Saloon Keeper
Posts: 25656
183
Android Eclipse IDE Tomcat Server Redhat Java Linux
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
There are actually 3 components to this problem:

1. Shared security. You want the authentication to be done before the apps are invoked and for that security realm to be then propagated to the apps. That is SSO (Single Signon).

2. You want to share the same user session between the 2 separate webapps.

3. You want to physically embed the output of one user webapp in the display of the other webapp.

SSO can be provided by using an SSO Tomcat security realm to JBoss. Tomcat is the embedded webapp server component used by JBoss. JBoss adds the missing J2EE stack components, such as EJBs, and jacks the Tomcat security Realm into them.

Sharing a session between 2 different webapps is a Tomcat application configuration option and I commend you to the kind mercies of the Tomcat and JBoss documentation.

Embedding output is the trickiest part. JSF doesn't take too kindly to frames. A better solution would be to use a standard JSR-288/JSR-238 Portal server such as LifeRay and deploy that into JBoss.
 
Kumar Gaurav
Ranch Hand
Posts: 108
  • Mark post as helpful
  • send pies
    Number of slices to send:
    Optional 'thank-you' note:
  • Quote
  • Report post to moderator
Thanks Tim.

I will gather my thoughts and will think on the lines you have suggested.
 
reply
    Bookmark Topic Watch Topic
  • New Topic