How do you accomplish that? By doing this SSO sniff-and-kill-session
thing? It seems more straightforward to expire a particular webapp's
session explicitly and let the SSO expire along with it.
Doesn't that mean you'll have to re-run the same query just to expire
the sessions in the other
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chema,
On 8/16/2011 4:33 AM, Chema wrote:
How do you accomplish that? By doing this SSO
sniff-and-kill-session thing? It seems more straightforward to
expire a particular webapp's session explicitly and let the SSO
expire along with it. Doesn't
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chema,
On 8/12/2011 2:56 PM, Chema wrote:
Why bother?
As soon as the user logs out of one web application (for example,
by invalidating the corresponding session if form based login is
used), the user's sessions in all web applications will be
On 11/08/2011 22:31, Christopher Schultz wrote:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chema,
On 8/11/2011 5:00 PM, Chema wrote:
How I can get SSO ID on a servlet?
Get the cookie value for JSESSIONIDSSO.
I want to know this ID without browser sends a cookie to server.
Why do you need a consistent ID between the two apps?
Because I'll store this ID into a record in database.
The apps checking every 60 sec if this record exists and, if dont ,
perform a logout
-
To unsubscribe, e-mail:
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chema,
On 8/12/2011 3:51 AM, Chema wrote:
Why do you need a consistent ID between the two apps?
Because I'll store this ID into a record in database. The apps
checking every 60 sec if this record exists and, if dont , perform a
logout
Why
Why bother?
As soon as the user logs out of one web application (for example, by
invalidating the corresponding session if form based login is used), the
user's sessions in all web applications will be invalidated. Any
subsequent attempt to access a protected resource in any application
Hi:
I've configurated my server.xml with
Valve className=org.apache.catalina.authenticator.SingleSignOn/
and I've got deployed two web applications with Realm authentication
How I can get SSO ID on a servlet ? I want to know this ID without
browser sends a cookie to server.
I don't need this
-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Chema,
On 8/11/2011 5:00 PM, Chema wrote:
How I can get SSO ID on a servlet?
Get the cookie value for JSESSIONIDSSO.
I want to know this ID without browser sends a cookie to server.
Browser cookies are a requirement to use Tomcat's SSO. Given