Aaron Evans wrote: > Raphaël Luta <raphael <at> apache.org> writes: > > >>What you want is a SSO (single sign on) solution. This can be implemented at >>several level: >>- Jetspeed itself has some SSO components although they are designed to allow >>SSO from Jetspeed (ie ytou athenticate into J2 and then you don't need to >>reauthenticate to access remote resources) rather than your use case >>- through a third party SSO provider (Netegrity SiteMinder for commercial, >>mod_sso/CAS for OSS for example) >>- through some simple cookie based system using mod_usertrack of Apache HTTPD > > > One important "level" you have missed is at the tomcat level. If your > applications are both servlet based and can be hosted on tomcat, you can use > tomcat's single sign on capabilities. This is what I have done in my environ- > ment. >
Right, forgot about it. I guess I should use Tomcat more often ;) AFAIK, this only works on a single server instance though. -- Raphaël Luta - [EMAIL PROTECTED] Apache Portals - Enterprise Portal in Java http://portals.apache.org/ --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
