Hello,
please, consider the situation:
We have a product that consists of several web applications deployed to
embedded tomcat container.
All the web applications share the same realm (configured on engine level)
and use the SingleSignOn valve.
engine.setRealm(polarionRealm);
engine.getPipeline().addValve(new SingleSignOn());
The main web application is configured to use the FormAuthenticator. The
login/logout pages work well for that application.
So when user access the main web application and when he/she is properly
authenticated than when accessing the other web applications the principal
is properly passed to the other web application and user is not asked to log
in again.
Now the problem is: how should we configure the other web application to use
the login/logout support of the main web application. In the web.xml one can
specify login/logout actions but they are context relative.
<!-- Login configuration uses form-based authentication -->
<login-config>
<auth-method>FORM</auth-method>
<realm-name>PolarionRealm</realm-name>
<form-login-config>
<form-login-page>/login/login</form-login-page>
<form-error-page>/login/error</form-error-page>
</form-login-config>
</login-config>
Is there any standard pattern how to reach the goal that the login/logout
support is implemented on one place (idealy in one very small webapp) and so
many applications can share the auth context using SingleSignOn valve and
the login webapp?
Best,
Jiri Walek
Polarion Software
---------------------------------------------------------------------
To start a new topic, e-mail: users@tomcat.apache.org
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
