Java - How to share the session between two or more Web Application?

Question

I have two web Applications. I will login in to one Web Application and will navigate to another by links or redirection from the first Application. Lastly after completing some steps in Application two, I will be redirected to Application one. How can I implement this?

Here Application two is generic, and I will have three instances of Application One, which will interact with Application two.

Please suggest a better approach. I have to use spring and Spring Webflow to implement it.

Answer 1

Technically, session between two web application (two different WARs) cannot be shared. This is by design and done for security reasons. I would like to make following comments and suggestions for your problem,

1. Session are generally tracked using an session ID which is generally stored as a cookie on the browser and Session object on the server side.
2. This cookie is sent server side every time when you send a request.
3. A cookie will be sent ONLY to the server where it came from.
4. So a cookie set by www.mysite.com/app1 will be sent only to www.mysite.com/app1 and not to www.mysite.com/app2.
5. For you case, for a user sessions to be valid across two application, the browser will need two cookies to be set from app1 and app2.
6. One way would be, when you login to app1 , using java script, also send a login request to app2. When both these request return successfully, your browser will have session for both the applications (app1 and app2)
7. Now logout will have its own challenges, when you logout from app1, you also need to logout from app2. Technically this means, you need to clear the cookies set from both of these applications. With little help from java script you can do this.