[jboss-dev-forums] [JBoss AS 7 Development] - Single sign not share the same session attributes
Geovanni Chapman
do-not-reply at jboss.com
Mon Jun 24 14:53:22 EDT 2013
Geovanni Chapman [https://community.jboss.org/people/chapman.geovanni] created the discussion
"Single sign not share the same session attributes"
To view the discussion, visit: https://community.jboss.org/message/824616#824616
--------------------------------------------------------------
I have several applications deployed on the same jboss instance. I currently have Single Sign On configured using the <sso/> tag. It is possible for a user to navigate from one application to another app (redirect) deployed on the same jboss instance. Currently when the user is authenticated into the first appplication, the SSO cookie is created and a Single sign on entry is created for this cookie in the SingleSignOn valve which works fine. Each application has a timeout period of 60 mins configured via the web.xml. When the user navigates to the second application the user principal is correctly propogated and a new session is created. However an new SSO entry for the second app is not created since the cookie remains the same.
Now the issue is that lets say the session for the first application expires, even if the second app's session is still active because the user is accessing the 2nd app, the Single Sign On entry is deleted. Therefore the principal is lost on subsequent requests for the second application. Because the Single Sign entry that is removed also gets rid of the principal. Is there a way to get around this issue?
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/824616#824616]
Start a new discussion in JBoss AS 7 Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2225]
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20130624/e6f1a70f/attachment.html
More information about the jboss-dev-forums
mailing list