Opt-Out of SSO for one particular webapp ?

jviebig Apr 19, 2018 2:41 AM

Hello,

We have a modular application with multiple webapps deployed which use wildfy SSO mechanism with JSESSIONIDSSO to manage login across webapps.

Now we got the requirement to support an extra webapp that has its own login independent of the other webapps.

Now we need to support another webapp for admin login. It should be possible to login to the user interface and the admin interface from the same browser in different tabs at the same time. The user credentials for admin and user area are different.

We need SSO for the "user" webapps that are part of the normal user interface, so we can't just switch of wildfly SSO.

We also can't use domains to separate sessions because the servers have no fixed domain names and the distinction between admin and user interface is path based.

Is there any config to tell a webapp that it sould not be part of SSO/ignore JSESSIONIDSSO?

We are currently using wildfly 10

1. Re: Opt-Out of SSO for one particular webapp ?

mchoma Apr 19, 2018 7:02 AM (in response to jviebig)

As single-sign-on is configured per undertow/server/host. Is dividing apps to multiple hosts option for you?
Actions
2. Re: Opt-Out of SSO for one particular webapp ?

mchoma Apr 19, 2018 7:05 AM (in response to mchoma)

Looking at single-sign-on resource again. Can't you leverage path attribute?

WildFly 11.0 Model Reference
Actions
3. Re: Opt-Out of SSO for one particular webapp ?

jviebig Apr 19, 2018 7:19 AM (in response to mchoma)

Since wildfly sits behind an nginx proxy, this option could work for me with two host configs on two different ports. Gonna give it a try
Actions

Go to original post