You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Anand Tandon <an...@gmail.com> on 2020/05/15 17:40:22 UTC
Using Fediz to SSO between two WARs deployed in the same Tomcat Instance
Hello,
I want to validate if Fediz based SAML SSO can be used for following
use-case.
I have two WAR files deployed in the same Tomcat instance. I'm using
Forgerock OpenAM as IdP. 1st WAR file provides browser based UI and hence
can support interactive login. 2nd WAR provides REST API interface and
hence does not support interactive login. 1st WAR uses data returned from
2nd WAR via REST interface to display in home page.
Can Fediz be used so that the REST call from 1st WAR's UI (embedded
JavaScript) to 2nd WAR doesn't need to re-authenticate with IdP. I have
gotten the 1st WAR (the UI app) working with Fediz and OpenAM.
Thanks,
Anand
Re: Using Fediz to SSO between two WARs deployed in the same Tomcat Instance
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi Anand,
Yes I believe this should work. In your "fediz_config.xml", only have value
of your UI war name matching the value here for "name": "<contextConfig
name="/fedizhelloworld">".
Colm.
On Fri, May 15, 2020 at 9:31 PM Anand Tandon <an...@gmail.com> wrote:
> Hello,
>
> I want to validate if Fediz based SAML SSO can be used for following
> use-case.
>
> I have two WAR files deployed in the same Tomcat instance. I'm using
> Forgerock OpenAM as IdP. 1st WAR file provides browser based UI and hence
> can support interactive login. 2nd WAR provides REST API interface and
> hence does not support interactive login. 1st WAR uses data returned from
> 2nd WAR via REST interface to display in home page.
>
> Can Fediz be used so that the REST call from 1st WAR's UI (embedded
> JavaScript) to 2nd WAR doesn't need to re-authenticate with IdP. I have
> gotten the 1st WAR (the UI app) working with Fediz and OpenAM.
>
> Thanks,
> Anand
>