You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@tomcat.apache.org by Omar Adobati <om...@gmail.com> on 2005/01/17 20:45:20 UTC
[Tomcat 5.0] sharing session and authentication
Good Morning,
I would like to know if there is a way to share authentication
informations and session informations too betwen a page and another
one thet is into a iframe.
The authentication is done usiing the tomcat capabilities
(form-authentication method)
--
Adobati Omar
omar.adobati@gmail.it
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: [Tomcat 5.0] sharing session and authentication
Posted by QM <qm...@brandxdev.net>.
On Mon, Jan 17, 2005 at 09:28:49PM +0100, Omar Adobati wrote:
: > If the two resources are not part of the same webapp, then no, this
: > isn't possible (read: not possible using standard J2EE session scoping).
: There is a way, maybe playing with context, to do what i need?
If both sites/webapps run in the same Tomcat container, look into
the SingleSingOn Valve (that may be a typo, watch out). That's
Tomcat-specific, though, and it forces you to put both apps in the same
JVM.
Otherwise, you're outside of the scope of the servlet spec. Look into
writing your own such framework or finding some third-party (free or
otherwise) implementation.
The former would require a fair amount of thought and design if it's
going to be robust. (Sharing auth info is already a sizable task;
sharing session-like data is another challenge.) Ask yourself going in
whether it's even worth the work.
For the latter, I haven't seen any such free/open-source products, so
you may end up paying for a commercial app.
-QM
--
software -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: [Tomcat 5.0] sharing session and authentication
Posted by Omar Adobati <om...@gmail.com>.
the scenario is the last u said.
There is a way, maybe playing with context, to do what i need?
On Mon, 17 Jan 2005 14:24:09 -0600, QM <qm...@brandxdev.net> wrote:
> On Mon, Jan 17, 2005 at 08:45:20PM +0100, Omar Adobati wrote:
> : I would like to know if there is a way to share authentication
> : informations and session informations too betwen a page and another
> : one thet is into a iframe.
> : The authentication is done usiing the tomcat capabilities
> : (form-authentication method)
>
> If I understand your question, this has nothing to do with iframe vs no
> frames, etc: if both resources (URLs) are part of your webapp, then both
> will have access to the same session information (though not the same
> request-scope or page-scope information).
>
> If the two resources are not part of the same webapp, then no, this
> isn't possible (read: not possible using standard J2EE session scoping).
>
> -QM
>
> --
>
> software -- http://www.brandxdev.net
> tech news -- http://www.RoarNetworX.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
>
>
--
Adobati Omar
omar.adobati@gmail.it
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
Re: [Tomcat 5.0] sharing session and authentication
Posted by QM <qm...@brandxdev.net>.
On Mon, Jan 17, 2005 at 08:45:20PM +0100, Omar Adobati wrote:
: I would like to know if there is a way to share authentication
: informations and session informations too betwen a page and another
: one thet is into a iframe.
: The authentication is done usiing the tomcat capabilities
: (form-authentication method)
If I understand your question, this has nothing to do with iframe vs no
frames, etc: if both resources (URLs) are part of your webapp, then both
will have access to the same session information (though not the same
request-scope or page-scope information).
If the two resources are not part of the same webapp, then no, this
isn't possible (read: not possible using standard J2EE session scoping).
-QM
--
software -- http://www.brandxdev.net
tech news -- http://www.RoarNetworX.com
---------------------------------------------------------------------
To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
For additional commands, e-mail: tomcat-user-help@jakarta.apache.org