[undertow-dev] Legacy SSO system integration
Stuart Douglas
sdouglas at redhat.com
Mon Oct 3 17:28:01 EDT 2016
Can you try setting
'io.undertow.servlet.api.DeploymentInfo#changeSessionIdOnLogin' to
false? By default Undertow will generate a new session ID when you
authenticate as a precaution.
Stuart
On Tue, Oct 4, 2016 at 8:19 AM, Vinicius F. Kopcheski
<viniciusfk at hotmail.com> wrote:
> Hello,
>
>
> I'm working to integrate a legacy SSO system with undertow (Wildfly 10), and
> this SSO is also used with JBoss 4 and 6.
>
>
> Its strategy is to share the same JSESSIONID between all the applications
> running inside all those servers.
>
>
> In my custom Authentication Mechanism, I retrieve the session id that will
> be used for this session, but just after invoking
> SecurityContext#authenticationComplete, a new session is created, which
> takes me to have two session cookies. I mean, they both are named
> JSESSIONID.
>
>
> I could find a way to remove this one created by undertow, but I'm not sure
> this is the best approach.
>
>
> What do you suggest me to do is this scenario?
>
>
> _______________
> Vinicius Kopcheski
>
> _______________________________________________
> undertow-dev mailing list
> undertow-dev at lists.jboss.org
> https://lists.jboss.org/mailman/listinfo/undertow-dev
More information about the undertow-dev
mailing list