dcsimg
Single sign-on using container-managed security (j_security_check, etc)
0 posts in topic
Flat View  Flat View
TOPIC ACTIONS:
 

Posted By:   John_Bears
Posted On:   Wednesday, June 7, 2006 09:26 AM

Hi, I have a Tomcat web application under development and I have a need to create 2 jsp code web pages that each redirect user to an external web application. Each of these ext web apps require user to provide username/password at a login page. Both of these apps use FORM-based authentication although app1 uses custom security programming approach (POST action=processLogin.jsp and uses username, password as form input fields)and app2 uses container-managed declarative security approach. (POST action=j_security_check and uses j_username, j_password as form input fields). I need to provide a single sign-on solution with no-login-prompt access to these apps and was able to resolve this with app1   More>>

Hi,




I have a Tomcat web application under development and I have a need to create 2 jsp code web pages that each redirect user to an external web application.


Each of these ext web apps require user to provide username/password at a login page. Both of these apps use FORM-based authentication although app1 uses custom security programming approach (POST action=processLogin.jsp and uses username, password as form input fields)and app2 uses container-managed declarative security approach. (POST action=j_security_check and uses j_username, j_password as form input fields).




I need to provide a single sign-on solution with no-login-prompt access to these apps and was able to resolve this with app1 simply by using this code logic:




<%
String uri = "http://..URL./jsp/processLogin?username=" + username + "&password=" +password;
response.sendRedirect(response.encodeRedirectURL(uri));
%>




So now I need to do the equivalent for access to app2 (tried method below) but this method doesn't seem to work when j_security_check is involved and I haven't been able to find a resolution to this.




<%
String uri = "http://..URL./security/j_security_check?username=" + username + "&password=" +password;
response.sendRedirect(response.encodeRedirectURL(uri));
%>




Would anyone know how to get single sign-on to work when j_security_check method is used?




Any information on this would be much appreciated!




Thanks,


John

   <<Less
About | Sitemap | Contact