I have a web-app (let’s call it app1),in which I can’t even see the source code, and to get into it.I need to do the basic authentication, “user, pass”.
Then I am creating another web-app (app2) (which is java/JSF/Icefaces), where you also have to login using user pass (the user and pass from app1 are the same than user and pass from app2).
Sometimes I have to open one app1 window (to fill in some forms, which I do not want to replicate in app2). I have a valid URL for that window/form, BUT, here is the problem, when I call that URL, then app1 first asks for user/pass, and I do NOT want that. I would like something like single sign on. It is just basic authentication (and I have the user pass).
I tried to open a new jsp in app2, and there sendredirect it to app1 trying to do basic authentication, but I cant, I mean, it does not work.
App1 has a REST API, and I can use it from app2 with basic authentication (So that works).
Can someone help me?
Thaks!!
You can use a
SSO (Single Sign On)concept for this. If you want to do it by SSO straight, yes you can follow the SSO modules, provided by some people. Ofcourse you can create your own SSO method, Implement these steps:1-> Use the
REST/SOAP APIto login to app1. In response, give back a parameter (an encrypted string or something). Store it in some cookie.(In the back, save this parameter against some timeout and user information for eg, in aHashMap)2->While the login happens from second app, send the parameter with the request. If you accept that parameter in backend, try to validate it against
timeoutand may be the user info.Proceed with authentication on success.you can set the parameter in a
domain level cookie.,So all process happens in your backend.Can you try this and let me know?
thanks