i have 2 web applications 1 in .net , 1 in java. have create single sign on facility between these 2 applications, have created using cookies referring old questions stack overflow. not work if on browser cookies disabled. need better solution cookies should secure too.
the standards based approach achieve web sso saml (http://www.oasis-open.org/committees/download.php/27819/sstc-saml-tech-overview-2.0-cd-02.pdf). spring saml security extension make easy integrate java based app. if have .net may have adfs, can act samlv2 idp.
ws-federation more common in microsoft env, i'm not sure there nice lib/framework available in java space.
you may have @ oauth2. designed protect apis can use achieve web sso.
Comments
Post a Comment