I need to implement a single sign-on solution for our portal. Here is the senario. We have a portal hosting several portlet applications. (I mean APPLICATIONS, different war files.) There is also a remote Identity management server somewhere else. When a portlet in our portal access some remote resource, it has to go through the identity managment server to get SAML assertion. My question is how can the portlets in different applications share the sign-on information. Let's say, portlet1 in app1 obtains SAML assertion and artifact. how can portlet2 in app2 use the SAML assertion and artifact when it access resouces of other systems so the portal user does not need to login again. Because portlet1 and portlet2 are in differenet war files (APPLICATIONS), how can portlet1 share the information with portlet2.