6 Replies Latest reply on Aug 16, 2010 5:24 PM by Anil Saldanha

    JBoss cluster SSO with PicketLink

    Ben Schofield Novice

      One of the short comings of the JBoss Application Server I have found is providing single sign on across JBoss heterogeneous JBoss clusters.  Has there been any work under the picketlink project to solve this problem?

       

      I am thinking the picketlink STS can create a custom token that is stored as an HTTP cookie at logon.  This token would then be validated by a JAAS login module in the app server instead of prompting the user to login again.  Validation could take place in the login module since in this scenario we will always have the same backend authentication system for all JBoss clusters.  This would save network calls to the STS.  Of course if a user prefers the login module can call back to the picketlink STS for validation. 

       

      I have done a little work in this space and I am wondering if this is something to pursue as a contribution to PicketLink?  Or is it redundant work?  Thoughts?