Yes you can, but the problem is that each webapp is going to have a different session object. There are a couple of ways you can get around this, each of which would take a little bit of code (but not necessarily a huge amount).
The first step would be to create a very simple webapp - all it would be is the initial login page. The user logs in, at which point you have a couple of choices: 1) If you're using Apache, you can store the sessionID in the database, then use response.sendRedirect() to redirect the user to the appropriate application. This should work because Apache is the one that sets the sessionID (I think) and it should be the same for all of the webapps as long as the domain name is the same. This would take a little experimentation. 2) You could set up an auto-login function for the other apps, in which they would accept a username and hash(username+password). You would then use response.sendRedirect() to something like "/myapp2/autologin.do?username=vineesh&passhash=980341abcd081934". 3) In a shared database, store the IP address of the user who has logged in, and the time, and then redirect to "/myapp2/autologin.do?username=vineesh". In autologin.do, check to make sure that the user is at the same IP address, and that the difference in time is less than a certain amount. I'm sure that there are lots of other ways (some more hacky, some less), but the bottom line is that the only shared memory you have between different webapps is the query string of your redirect, and a shared database (if you have one). I guess you could theoretically set your login page and other webapps to use Diffie-Hellman to set up a private key through a series of redirects, then communicate login information using AES, but that's probably a little overkill. ;) Daniel > -----Original Message----- > From: vineesh kumar [mailto:[EMAIL PROTECTED] > Sent: Friday, December 30, 2005 11:38 PM > To: Tomcat Users List > Subject: Re: Multiple Webbapps, single login.jsp?? > > It's not possible for u to simply write an index.jsp which > automatically redirect the user to the login page? > regards > vineesh > > On 12/30/05, DeFreitas, Nigel <[EMAIL PROTECTED]> wrote: > > Also, look up the JSTL import directive - it let's you include a > > resource from the same web application, a separate web > application in > > the same container, or an external server using HTTP (URL). > > > > Nigel > > > > -----Original Message----- > > From: Mark Thomas [mailto:[EMAIL PROTECTED] > > Sent: Friday, December 30, 2005 8:13 AM > > To: Tomcat Users List > > Subject: Re: Multiple Webbapps, single login.jsp?? > > > > Rob Hills wrote: > > > Hi All, > > > > > > In July 2004, Jonathan asked the question above and described my > > problem exactly: > > > > > > "Is it possible to use a single login.jsp for multiple webapps? > > > > Yes and no. You only have to write it once but it must be deployed > > with each webapp. You should be able to use your source > control system > > and/or your build script to use the same files in multiple apps. > > > > You might be able to do something with SSO and a webapp that only > > exists to provide authentication and a filter that redirects to the > > authentication webapp if required but this is essentially a more > > complex version of form authentication and getting all use cases > > working correctly is going to be much more work than a few > lines in a > > build script. > > > > HTH, > > > > Mark > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
