Hi
We have an application on some fincance package. We need to implement a Single Sign-On so that the logged in user can directly logged into another web based application. Can anybody explain how this can be implemented? In our application e-Mail Id is the primary key.
Regards
Murali
-
Concept of Single sign-on (5 messages)
- Posted by: Murali Mohan
- Posted on: November 12 2002 20:52 EST
Threaded Messages (5)
- Concept of Single sign-on by Sunil S on November 13 2002 07:27 EST
- Concept of Single sign-on by Jens Schumann on November 13 2002 18:30 EST
- Concept of Single sign-on by Murali Mohan on November 13 2002 19:38 EST
-
Concept of Single sign-on by Jens Schumann on November 14 2002 10:28 EST
- Concept of Single sign-on by Murali Mohan on December 01 2002 09:29 EST
-
Concept of Single sign-on by Jens Schumann on November 14 2002 10:28 EST
-
Concept of Single sign-on[ Go to top ]
- Posted by: Sunil S
- Posted on: November 13 2002 07:27 EST
- in response to Murali Mohan
-
Concept of Single sign-on[ Go to top ]
- Posted by: Jens Schumann
- Posted on: November 13 2002 18:30 EST
- in response to Sunil S
Cookie based single sign on sounds good - but what do you do in case of protocols / devices which do not support cookies? Or completly independet servers?
In these cases you may achieve Single Sign On by implementing your own session management on top of the http session management of your servlet/jsp container. That way you can join requests even with different protocols(e.g. wml & soap calls) to one session and add for instance security on top of that (session ids which lead to one super session but are valid for one specific server only).
The tricky part is a clustered environment where you have to implement your own distributed session management.
We implemented it and it really works like a charm, even for clustered environments.
Jens -
Concept of Single sign-on[ Go to top ]
- Posted by: Murali Mohan
- Posted on: November 13 2002 19:38 EST
- in response to Sunil S
Hi,
Thanks for th reply. Also can you please clarify me the following?
We have an application running on iPlanet Application Server 6.0. We use servlet session management apart from our own management. I would like to know what is the restriction on the number of sessions that an iPlanet App Server can create, provided there are ideal conditions like there are no lengthy processes by a single user. Is there any such restriction on the number of sessions that an app server can create?
Regards
MM -
Concept of Single sign-on[ Go to top ]
- Posted by: Jens Schumann
- Posted on: November 14 2002 10:28 EST
- in response to Murali Mohan
Well, as far I can tell there are certain issues with sessions you need to be aware of:
Sessions require memory. As more attributes you put into as more memory you need.
Use a good sized session invalidation time to avoid additional overhead.
In a clustered environment you need distributed sessions, which adds network communication between your cluster nodes. Most HTTP Session are distributed to all nodes, you may alter that behaviour with your own session management.
Jens -
Concept of Single sign-on[ Go to top ]
- Posted by: Murali Mohan
- Posted on: December 01 2002 21:29 EST
- in response to Jens Schumann
Do we have any tool for testing the load and performance of the system?