JSP+Tomcat: Single Sign-On

Question

How the best way to create a single sign-on for many JSP applications using Tomcat server?

score 7 · Accepted Answer · answered Dec 14 '10 at 19:59

One possibility is to use Tomcats build in SSO mechanism: http://tomcat.apache.org/tomcat-5.5-doc/config/host.html#Single_Sign_On

A more generic, but still easy to use approach is CAS (Central Authentication Service): http://www.jasig.org/cas It's also open source.

Kerberos is the perfect fit if you want to do Integrated Windows SSO within a corporate environment. (Means, user authenticated to a Microsoft Windows system are automatically logged in to kerberized web applications). For a lot of other use cases it doesn't fit at all.

There is no general "best way" when it comes to SSO for web applications, but maybe one that fits best for your specific requirements. Maybe you can explaing them in a bit more detail?

btw why the heck are you still using Tomcat 5.5?

Nice answer, I will try on this way. BTW the Tomcat 5.5 is a client requirement. You can't always get what you want. :( — Victor, Dec 15 '10 at 18:27
If all of the apps are on a single instance, the Tomcat SSO solution is the most painless, assuming you can work well with container based security. — Will Hartung, Feb 16 '11 at 17:09

score 1 · Answer 2 · answered May 09 '15 at 07:22

1

Have you looked at Tomcat valve?

Look here. https://tomcat.apache.org/tomcat-5.5-doc/config/valve.html#Single_Sign_On_Valve

You need to extend this valve to make it meet your custom requirement. If you need help, let me know.

answered May 09 '15 at 07:22

Anirban Mukherji

106
4

score 0 · Answer 3 · answered Dec 14 '10 at 16:53

0

Authenticating agains a Kerberos Server. You can do that with JAAS and Kerberos 5 JAAS Module.

answered Dec 14 '10 at 16:53

Pablo Santa Cruz

176,835
32
241
292

It's for Tomcat 6, there is any solution for Tomcat 5.5? – Victor Dec 14 '10 at 18:01

JSP+Tomcat: Single Sign-On

3 Answers3

Linked