0 Replies Latest reply on Jul 19, 2004 9:43 AM by tzman

    SingleSignOn shared Session


      We are running JBoss 3.2.3 with the default Tomcat 4.1 service. We currently have one web application that talks to stateful session beans with Hibernate on the back end. Login/security is handled by our application from tables in an Oracle database.

      The problem comes in when we now have the need to add a new web application that goes through the same login procedures. We would like to have a specific type of user transfered to this new web application. The servlet specification does not seem to allow for sharing a HttpSession across web applications. It also appears that we are unable to maintain the required data in the EJB session as we have not found a way to transfer the session reference for use in the new web application. I have seen multiple posts on the net stating that you need to store the session data in a database or in a Stateful session bean, but I am not sure how to tell who the user is once they have migrated to the new web application, which at that point they have a new HttpSession.

      I would appreciate anyone being able to point me in the right direction here.

      Thanks much!