Hi David,

I share some of your concern over this single-signon issue.  I too read the
specs and believe that they imply just what you say.  The best I can offer
as a solution today, however, is what I have already mentioned; use BASIC
authentication, and specify the SAME <realm-name> for every web-app of
interest.  With that arrangement, the user will have to sign-on only once.

As for the other user manager classes, I don't have any source of
information other than the Orion-API section of the Orion docs.

Nick Newman, SCIENTECH Inc

At 11:09 AM 7/31/00 -0400, you wrote:
>
>>- With FORM authentication, the browser does NOT know that authentication
>>has been requested - it simply serves the login form like any other. That
>>means that it cannot re-send the login information for you. It is also my
>>belief that the session information (in which the authentication
>>information is stored on the server side) cannot be shared between
>>different apps /web-apps. (The "shared" option refers to sharing session
>>information between sites that serve the SAME web-app.) This means that
>>users will have to log-on to every app individually.
>
>According to the spec, "Web Single Signon" as specified in the J2EE 
>blueprints, Page 3-13.  It requires that the same login session represents a 
>user to all the applications that they access.  Can this be done for a 
>single web-site/multiple applications.....instead of multiple web-sites and 
>applications?  I thought servers are required to support this.
>
>>- Also note that usernames and passwords do not HAVE to be supplied in the
>>principals.xml file. The Orion team has supplied methods to obtain them
>>from a database or from some other system via entity beans. Check the
>>different user managers for these features.
>>I hope this helps. Since it may be of interest to others I have copied it
>>to a few other groups. Hope you don't mind.
>
>I've noticed these classes, but have no idea how to use them.....is there 
>documentation I don't know about?  Or should I just know from reading the 
>spec?  Most of the spec/blueprints is just theory w/some xml config.....can 
>you write the steps, including modifications to all XML files..and how to 
>use the UserManager's?
>
>I'm really frustrated right now trying to get all my sites to work with a 
>single login and not making the user have to log in over and over.....
>
>David
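
The arrangement suggested in the reply above, sketched as a standard Servlet 2.2 web.xml fragment. This is an added example, not part of the original message or of the Orion documentation. The realm name "CompanyRealm", the role "users" and the two web-app names are hypothetical, and it assumes both web-apps are served from the same host, since a browser reuses BASIC credentials only for the same host and realm.

```xml
<!-- WEB-INF/web.xml of the first web-app (hypothetical name: app-one) -->
<web-app>
  <security-constraint>
    <web-resource-collection>
      <web-resource-name>Protected area</web-resource-name>
      <url-pattern>/*</url-pattern>
    </web-resource-collection>
    <auth-constraint>
      <role-name>users</role-name>
    </auth-constraint>
    <!-- BASIC re-sends the base64-encoded username and password on every
         request, so require a TLS transport for the protected URLs. -->
    <user-data-constraint>
      <transport-guarantee>CONFIDENTIAL</transport-guarantee>
    </user-data-constraint>
  </security-constraint>

  <login-config>
    <auth-method>BASIC</auth-method>
    <!-- Must be character-for-character identical in every web-app -->
    <realm-name>CompanyRealm</realm-name>
  </login-config>

  <security-role>
    <role-name>users</role-name>
  </security-role>
</web-app>

<!-- WEB-INF/web.xml of the second web-app (hypothetical name: app-two).
     The security-constraint and security-role elements follow the same
     pattern as above; the part that matters for the single prompt is the
     identical login-config. -->
<web-app>
  <login-config>
    <auth-method>BASIC</auth-method>
    <realm-name>CompanyRealm</realm-name>
  </login-config>
</web-app>
```

The user is prompted once because the browser answers later challenges for the same realm itself. Each web-app still authenticates every request on its own, so both must resolve the same usernames and passwords.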

