Consider this scenario. User logs into site A which authenticates the user. From site A there is a link to Site B clicking on which site A passes the credentials to B. Site B is a
struts application running on websphere 5.0. It needs to get the entitlements for the user from an XML file. If my scope starts only from Site B, and i need to take care only of the authorization how do i do so?Also Single Sign On needs to be incorporated between both the applications.
1. Do i use JAAS? If i use JAAS, can i use it only for authorization without using it for authentication. As far as i know, i don't think this is possible. If i am right is there an alternative in JAAS?
2. Is there a way by which i can use WAS Security?
Which is the best way to go about implementing this?
Thanks,
Priya