HttpSession sharing between two apps

Hi

I have two applications (EARS) deployed in websphere, once the user logs into one app he is authorised to access the other app also.

I want to put the user credentials in a session and I want to pass the session to the other app.

how can I approach for this?

how can I share session between two apps?

Do the apps run on different domain names or the same domain?

They run on same domain.....

Dear Madhusudhana E,

Here on JavaRanch, we have a naming policy. We want the users of JavaRanch to use a real name as their display name.

Unfortunately, your name "Madhusudhana E" does not comply to the naming policy. Your name should consist of a first name, space, and second name. A single letter as your second name is not acceptable.

Please take a moment to carefully read the naming policy and change your display name. You can change your name by editing your profile.

Please note that we are taking the naming policy seriously. If you do not change your display name, your account on JavaRanch might be deleted.

You have already been warned multiple times about this, but you still did not change your name. So please change your name immediately.

Sessions aren't meant to be shared across contexts.
There is nothing in the servlet spec for doing this.

Hi can we share session between two applications which are deployed as war files??

"Madhu",
Please check your private messages.

Originally posted by Madhu:
Hi can we share session between two applications which are deployed as war files??

The manner in which they're packaged has nothing to do with this.
HttpSessions are per context and aren't meant to be shared.

I heard that about HttpSessionActivationListner interface

is it for the apps deployed in two different JVMs??

Originally posted by Madhu Sudhana :
I heard that about HttpSessionActivationListner interface

is it for the apps deployed in two different JVMs??

No, it has nothing to do with multiple JVMs.

There are ways for one context to get access to another context's objects but the methods for doing so aren't clearly defined in the servlet spec.
This means that their implementation varies from one container to another.
If you'd like, tell us what container you're using I can move this thread to the forum for that container.
Maybe someone there will know how such things are done in that container.
[ August 22, 2007: Message edited by: Ben Souther ]

I am making use of WebSphere 6.1

Hi Madhu,

It is not possible to share session between two unrelated applications.

If I am getting it right, this is the case of SSO (Single Sign On). You want to make user authenticated by one application, able to use other application without providing credential once again. Sign on one time and use all the application seamlessly without signing on once again.

Here two (more) applications are trying to share data (authentication in this case). There are some framework available to like CA's SiteMinder SSO (http://ca.com/us/products/product.aspx?ID=5480).

You can implement your own SSO using different techniques. Like revers proxy, in which authentication server intercepts all user request and redirect it to cooperating applications. Application share data using cookie /common DB.

Regards
Alok Singh Kushwah

EDIT | I should learn to read :roll:
[ August 22, 2007: Message edited by: Chris Corbyn ]

WebSphere Application Server provides a means for single sign-on. See this link for details.

please go through the link.......it specifies how can we share session between two webmodules of enterprise app in websphere......click here
[ August 27, 2007: Message edited by: Madhu Sudhana ]