开发者

Establish SSO and session sharing between two webapplications running on Tomcat 6

开发者 https://www.devze.com 2023-01-28 09:10 出处：网络

I have two web applications, webapp1 (JSF-Spring) and webapp2 (Struts) running on a single Tomcat 6.0.Webapp1 uses JSF phase listener to protect all the resources within the webapp.

相关专题：jsf single-sign-on struts tomcat6

I have two web applications, webapp1 (JSF-Spring) and webapp2 (Struts) running on a single Tomcat 6.0. Webapp1 uses JSF phase listener to protect all the resources within the webapp. After user is authenticate开发者_StackOverflow社区d to webapp1, it renders a page from which webapp2 is invoked via an <iframe> tag.

My questions are:

How can SSO be established between webapp1 and webapp2?
How can session be shared between webapp1 and webapp2?

Replace the PhaseListener by a Filter which does basically the same job and use it on both webapps. This assumes that session is shared and that you've put the logged-in user in the session.
Set emptySessionPath attribute of the <Context> element of both webapps to true.
```
<Context emptySessionPath="true">
```
This can be provided by a /META-INF/context.xml file. See also the linked documentation.