Jetty has moved!
Jetty is a project at the Eclipse Foundation.
Homepage:http://www.eclipse.org/jetty
Downloads: http://download.eclipse.org/jetty/
Documentation:http://www.eclipse.org/jetty/documentation/current/
About:http://www.eclipse.org/jetty/about.php
Jetty Powered:http://www.eclipse.org/jetty/powered/
Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery
Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

Version 1 Next »

Single Sign On - Jetty HashSSORealm

There are very many single sign on technologies available, but on this page we discuss a very simple implementation provided in the standard distro, the HashSSORealm.

The HashSSORealm permits a user to authenticate with one web application, and then have that authentication and authorization shared by other web applications deployed in the same instance.

Configuration

The key is to configure a single instance of the HashSSORealm for all web applications that wish to share authentication and authorization information, and then plug that instance into each UserRealm configured for each web application.

Here's the definition of a HashSSORealm instance:

Now, if we have web applications A and B, we would plug the instance we defined above into the configurations for both:

Web App A
Web App B

Don't Forget!

Icon

You probably need to set up your Session cookie configuration to allow a session id established by one web app to be shared by another. By default, the Session cookie path is that of the context path of the related webapp. So, if you have web app A at /A and web app B at /B, a session id established by /A would not be able to be used by /B, making single sign-on impossible. Check the wiki page Session Configuration for information on how to configure Session cookies.

  • No labels
Contact the core Jetty developers at www.webtide.com
private support for your internal/customer projects ... custom extensions and distributions ... versioned snapshots for indefinite support ... scalability guidance for your apps and Ajax/Comet projects ... development services from 1 day to full product delivery