Hello,
I've tried ready the docs, traced code and searched the archives, but am
still struggling with an SSO problem...
I have two webapps that use Form Based Authentication and one webapp that
uses a custom authentication mechanism. By turning on the SSO valve within
Tomcat my two Form Authenticated webapps co-exist beautifully with one
another, allowing my users to access both with only one login. Now a
third-party webapp has been introduced and it too must be accessible without
requiring users to login again. The documentation for this third-party app
has indicated that a certain method should be overridden if SSO integration
is needed. The method looks something like this...
bool login(HttpServletRequest request, HttpServletResponse response)
When I jump from a Form Authenticated webapp into the custom authenticated
app the request object that comes across in the method above contains a
JSESSIONIDSSO cookie. At this point I am lost as to what to do next. Should
I be doing some kind of 'lookup' with the value of this cookie or is it just
indicating to me that the request is coming from someone who is already
logged in?
Thanks,
Bob
_________________________________________________________________
FREE pop-up blocking with the new MSN Toolbar get it now!
http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
