How to make single sign-on (SSO) between two web applications, PHP and Java EE?

I have an existing Java EE web application running on GlassFish 3.1. The login works fine through jdbcRealm configured in GlassFish 3.1.

Someone from the other team is developing a separate web application in PHP, and the boss does not want the application user to have to log in twice. That is, when they have entered the Java web application and click on the link that takes them to the PHP application, they should already be logged in there (and vice versa).

I don't know how to implement this. I thought I could create a long random key (token) that is generated when I enter the application and is passed with every web request to either application to identify the logged-in user, but this does not look secure.

I need pointers in the right direction.

+4
1 answer

You said:

I thought I could create a long random key (token) that is generated when I log in to either application and is passed with every web request to either application to identify the logged-in user, but this does not seem safe.

But that is essentially how sessions work.

It's best to create a unique login ID (as you said), store it in a database or cache accessible by both applications, and find a way to persist it so that both web applications can retrieve it.

If both applications are in the same root domain, you can use a cookie with the path set to / so that both applications can access it.

If both applications are in different root domains, this will be a bit more complicated.

Regarding the security of transmitting an identifier token, you can regenerate the identifier on each request, which protects against cookie swapping.

+3
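As an added example (not code from the asker or the answerer), here is a small Python model of the mechanism the answer describes: one session store shared by both applications, a login cookie scoped to the root domain with Path=/, and a token that is replaced on every request so that a copied cookie stops working after its first use. The in-memory store, the cookie name `sso`, the root domain `example.com` and the user names are all constructed for the demo; in the real deployment the Java EE side and the PHP side would each talk to the same database or cache with their own client code.

```python
"""Shared-session SSO model for two apps on one root domain (added example)."""
import secrets
from dataclasses import dataclass, field
from typing import Dict, Optional, Tuple

COOKIE_NAME = "sso"          # assumed cookie name
ROOT_DOMAIN = "example.com"  # assumed root domain shared by both apps


@dataclass
class SharedSessionStore:
    """Stand-in for the database or cache both applications can reach."""
    ttl_seconds: int = 900
    # token -> (user_id, absolute expiry time)
    _rows: Dict[str, Tuple[str, float]] = field(default_factory=dict)

    def issue(self, user_id: str, now: float) -> str:
        token = secrets.token_urlsafe(32)  # 256 bits of randomness, not guessable
        self._rows[token] = (user_id, now + self.ttl_seconds)
        return token

    def redeem(self, token: str, now: float) -> Optional[Tuple[str, str]]:
        """Validate a token and replace it: returns (user_id, fresh_token) or None.
        Popping the old token is what makes a copied cookie single-use."""
        row = self._rows.pop(token, None)
        if row is None:
            return None
        user_id, expires_at = row
        if now >= expires_at:
            return None
        return user_id, self.issue(user_id, now)


def set_cookie_header(token: str) -> str:
    """Domain=root and Path=/ make the cookie visible to both apps;
    HttpOnly and Secure keep it away from scripts and plain HTTP."""
    return (f"{COOKIE_NAME}={token}; Domain={ROOT_DOMAIN}; Path=/; "
            "HttpOnly; Secure; SameSite=Lax")


def parse_cookie_header(header: str) -> Dict[str, str]:
    """Minimal Cookie: header parser (name=value pairs separated by ';')."""
    cookies: Dict[str, str] = {}
    for part in header.split(";"):
        if "=" in part:
            name, value = part.strip().split("=", 1)
            cookies[name] = value
    return cookies


@dataclass
class WebApp:
    """Either application; both instances share the same store."""
    name: str
    store: SharedSessionStore

    def login(self, user_id: str, now: float) -> str:
        # Called after this app's own credential check (jdbcRealm, PHP login, ...)
        return set_cookie_header(self.store.issue(user_id, now))

    def handle_request(self, cookie_header: str, now: float) -> Tuple[Optional[str], Optional[str]]:
        """Returns (user_id or None, Set-Cookie header carrying the rotated token or None)."""
        token = parse_cookie_header(cookie_header).get(COOKIE_NAME)
        if not token:
            return None, None
        result = self.store.redeem(token, now)
        if result is None:
            return None, None
        user_id, fresh = result
        return user_id, set_cookie_header(fresh)


def demo() -> Tuple[Optional[str], Optional[str], Optional[str]]:
    """Login on the Java side, first visit to the PHP side, a replayed old cookie, an expired one."""
    store = SharedSessionStore()
    java_app = WebApp("java-ee", store)
    php_app = WebApp("php", store)
    t = 1_000.0
    cookie = java_app.login("alice", t)                       # constructed user, logs in once
    token = parse_cookie_header(cookie)[COOKIE_NAME]
    user, cookie2 = php_app.handle_request(f"{COOKIE_NAME}={token}", t + 5)
    replay, _ = php_app.handle_request(f"{COOKIE_NAME}={token}", t + 6)   # old token reused
    token2 = parse_cookie_header(cookie2)[COOKIE_NAME]
    expired, _ = java_app.handle_request(f"{COOKIE_NAME}={token2}", t + 5 + 2_000)
    return user, replay, expired


if __name__ == "__main__":
    print(demo())  # ('alice', None, None)
```

Rotating the token on every request is the strictest reading of the answer; in practice two parallel requests from the same browser (say, a page plus an AJAX call) can race, the second one arriving with a token the first one already retired. A common compromise is to rotate on login and on privilege changes and to rely on the store's expiry otherwise, but whichever policy you pick, both the Java and the PHP side must apply it against the same store.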
