• Post Reply Bookmark Topic Watch Topic
  • New Topic

Same session on two separate web applications - bad idea?  RSS feed

 
Andres Delrotti
Ranch Hand
Posts: 178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hello,

This is my problem. We have this website that is run on two web applications. The first web application hosts the home page and clicking certain links in the home page would forward it to pages of the second web application where certain functionalities can be done. Now, there has been an initiative to redesign the site to have a login page and only logged in users could browse it. This would mean a login page being created in the first app, and when links to the second application are clicked, the pages are supposed to forward to it with the same session of the user that logged in.

We have already creating handling to pass the session from the first app to the second. Logging out from the first application would also invalidate the same user session in the second application. My questions is, is this a bad idea? would it be better to combine the two apps even if it would mean a huge impact?

or is there are better way to do this? like set it in web.xml. I have read that you cannot use two context for it.


Cheers,
Andres
 
Jayesh A Lalwani
Rancher
Posts: 2762
32
Eclipse IDE Spring Tomcat Server
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Do you want to share session state, or do you just want single sign on? If you want SSO there are plenty of industry standard solutions ,, for example OAuth.
 
Andres Delrotti
Ranch Hand
Posts: 178
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Share a session state. Basically make the two application behave the way they behave before but the only difference now is you need to login to access it. Make it seem that you are using the site as if it is one web application.

We are not really planning on making it like a portal in the long run. Just wanted to add a user authentication/authorization functionality to the existing site. The problem is, there happens to be two web applications that compose the site. Login only needs to be added to the first app since it contains the home page.
 
It is sorta covered in the JavaRanch Style Guide.
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!