I have two applications each with their own context root and each has their own JAAS security domain. I have a set of users with the same logon credentials for both security domains but with differing roles for each domain.
If I set the auth-method for both apps to BASIC then I can authenticate for one app and get the correct roles and then switch to the url of the other app and get the correct roles for that app. I do not need to re-authenticate when switching between apps.
If I set the auth-method for both apps to FORM then I can authenticate for one app and get the correct roles however if I switch the url in the browser to point to the second app I have to re-authenticate myself. (I do however get the correct roles).
Is there a way to get form based authentication to store the user credentials in the same ?magic way? that basic authentication does, and thus allow me to logon once?