I have two webapps that will both be sitting on the same domain/tomcat application server, just in different context paths. (e.g. abc.com/abc and abc.com/def ). One is an older struts 1.0 application and the other will be a Stripes application.
Ideally I would like to be for a user to log into one 开发者_StackOverflow中文版website then somehow share that authentication. Is this possible?
The struts application is using a tomcat jdbc realm for authentication, but I am not very familiar with details in how this works.
You could check out Tomcat's SSO feature, making use of the SSO Valve
CA SiteMinder was used in one of my previous jobs. It is commercial... But nice.
as a custom solution: Write a filter common to both application (single source/jar file but used bu both apps).
the filter will play a role of persistent session, i.e. the session which is stored in database.
You can search over the web for the open source session persistence implementations
Seems like the host is the same, but web contexts are different - this is simpler task then SSO resolves (which covers multiple web domains in general case)
精彩评论