You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by George Armhold <ar...@cs.rutgers.edu> on 2004/08/06 18:49:53 UTC
single sign-on for Tomcat+Axis?
I'm wondering if someone could suggest what might be a "best practice"
for implementing single-sign-on for Tomcat/Axis. I have an app that
is partially web-based (servlets and JSPs), and partially Swing-based.
The Swing portion talks to the server over SOAP using Axis. I'd like
the user to be able to log in once, and have his session carry over
from the web half to the Swing/SOAP half, and vice-versa. I have a
couple of "DIY" approaches in mind, but I would like to know if there
is something standard out there.
The first DIY approach that comes to mind is to have Axis/SOAP
implement the true login "session", and make the servlets log in via
SOAP as well. Then the servlets pass SOAP session IDs to any Swing
clients they launch via JNLP. This sounds possible, albeit kind of
kludgy. Is there a more standard solution?
Thanks.
Re: single sign-on for Tomcat+Axis?
Posted by Denise Howard <dh...@pgp.com>.
On 8/6/04 9:49 AM, "George Armhold" <ar...@cs.rutgers.edu> wrote:
> I'm wondering if someone could suggest what might be a "best practice"
> for implementing single-sign-on for Tomcat/Axis. I have an app that
> is partially web-based (servlets and JSPs), and partially Swing-based.
> The Swing portion talks to the server over SOAP using Axis. I'd like
> the user to be able to log in once, and have his session carry over
> from the web half to the Swing/SOAP half, and vice-versa. I have a
> couple of "DIY" approaches in mind, but I would like to know if there
> is something standard out there.
>
> The first DIY approach that comes to mind is to have Axis/SOAP
> implement the true login "session", and make the servlets log in via
> SOAP as well. Then the servlets pass SOAP session IDs to any Swing
> clients they launch via JNLP. This sounds possible, albeit kind of
> kludgy. Is there a more standard solution?
>
> Thanks.
We're getting ready to use a SSO product called Cams from CafeSoft to
accomplish something similar. It works with a variety of application
servers, including Tomcat. http://www.cafesoft.com
DJH
________________________________________________________________
This message could have been secured by PGP Universal. To secure
future messages from this sender, please click this link:
https://keys.pgp.com/b/b.e?r=axis-user@ws.apache.org