Build common interface for two applications(one is in .asp, other in java)

We have two applications. One application in .asp and second application in java. we want to build interface for universal authentication, so that one can access the other application once signed into one application. Both applications are using SQL database, but one is written in .ASP hosted on Windows server while the other is开发者_StackOverflow in JAVA hosted on a Linux server. The applications are currently resided on two different servers.

requirements:

1)The end user are most likely to access the applications through .ASP first, then reach the 2nd application more like "back office" management system. 2)he JAVA application currently works well with IE web browser, but not very smooth with other browsers such as Firefox. Would like to make the application to be more compatible with other browsers.

Please help me, its very important to me. Thanks in advance!

---

You haven't really asked a very clear question, but a few ideas:

• If you had a web service which both platforms could talk to, then the two user interfaces could be reasonably shallow shims over the single code-base
• I assume the Java application is actually still a web application, e.g. with servlets? Cross-browser portability has relatively little to do with the technology powering it... it's all in the HTML and JavaScript delivered to the browser. If you have a specific question about how to make some aspect of a web application work well in multiple browsers, you should give details of that.

Finally - do you really need two applications? Even with something like a common web service, you're likely to end up having to write several of the presentation aspects twice, doing very similar things. Is there any reason for not just settling on one platform and making a single application which covers all the requirements currently satisfied by the two applications?

---

You'll probably want to have a look at Single Sign-On solutions, of which there are quite a few out there in the market. A lot depends on what flexibility & control you have over the applications in order to make changes to integrate such a solution. It also matters as to whether these systems are on a public internet or just have internal clients.

A popular Federated SSO is Shibboleth though I doubt you'd want to put in such a solution for only two servers. It's features might help you clarify what you need from such a product though.

In a place I used to work, for purely internal clients, we just used Windows Domain authentication to allow transparent access to both Windows/ASP and J2EE/Servlet applications. It used JCIFS/NTLM filters for the Java authentication piece so there was never a need to sign onto an application explicitly, the users' login credentials were exchanged between their PCs and the web application "under the hood" and their AD group was membership retrieved to inform their J2EE roles (with the application then controlling access to the database) in much the same way an NTLM authenticated ASP page was handled.