 

Sharing session in web applications

I am developing a web application using JSP & Servlets (Container: Tomcat7, Database: Oracle10).

I have developed some web applications like Profile, Reports, Leads. Then I have developed a Login application. In this application I am storing USERID in the session with some more session attributes.

After the user logs in, he will be shown a menu which contains links to other applications, like links to the Profile application.

So when I access the session after the user logs in:

  • If I try to access the session within the same application (Login), then I get the session with all the required attributes
  • But when I try to access the session from other applications like Profiles, then I get the session as null

Code snippet to check the session (Servlet Filter in the Login web application):

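// getSession(false) returns the existing session, or null instead of creating a new one
HttpSession session = request.getSession(false);
if (session == null)
{
    System.out.println("Session does not exist... Redirected to LOGIN Page.");
    response.sendRedirect("/ApplicationName/Login.jsp");
    return; // stop here so the rest of the filter does not run after the redirect
}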

I am accessing the session in the Profile application to check whether the user is logged in or not.

Then I searched, and I found that the session can't be accessed from other applications for security reasons. (I have also found that it can be done by setting crossContext="true".)

Then I found another option, making an EAR of all the applications and then deploying it, but unfortunately EAR is not supported by Tomcat7.

I am new to the web environment, so if anyone has worked on this before, then please let me know what the options can be.

Thanks in advance

Update1

Now I have decided to use EAR, in which I will pack all WAR files, and then I will try to share the session between them. Since Tomcat doesn't support EAR, I have installed Oracle Glassfish. Then I created an Enterprise Application Project which contains two applications, 1. Login and 2. Profiles, then created an EAR file and deployed it on Glassfish. So I want to share the session between those two applications (on Glassfish); if anybody has any idea about it, then please let me know. (A link to any tutorial will also be appreciated.)

Bhushan asked Apr 17 '13 12:04


1 Answer

As pointed out above, the requirement you are talking about is Single Sign On (SSO). The simplest SSO that you can implement is the following:

  1. After the successful authentication, add a cookie with the encrypted user name (you do not need to encrypt a password)
  2. If you access any of your applications with the user name cookie and succeed in decrypting it, it means that the user was authenticated and you should not show the login page.

Use AES-256 for the encryption.

Michael answered Sep 21 '22 22:09
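
The cookie scheme from the answer above, as an added example that is not code from the original answer. It assumes AES-256 in GCM mode (the answer names only AES-256) so that "decrypts successfully" also means "was not modified", and it adds an expiry time to the payload. The class name `SsoCookieToken`, the methods `issue` and `verify`, and the user id `user-42` are hypothetical; in a real deployment every web application would load the same key from protected configuration instead of generating one.

```java
import javax.crypto.Cipher;
import javax.crypto.KeyGenerator;
import javax.crypto.SecretKey;
import javax.crypto.spec.GCMParameterSpec;
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.SecureRandom;
import java.util.Base64;

public class SsoCookieToken {
    private static final SecureRandom RNG = new SecureRandom();
    // Token = base64url( 12-byte nonce || AES-256-GCM(userId + "|" + expiryMillis) )
    static String issue(SecretKey key, String userId, long ttlMillis) throws GeneralSecurityException {
        byte[] nonce = new byte[12];
        RNG.nextBytes(nonce); // fresh nonce per token; never reuse one with the same key
        Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
        c.init(Cipher.ENCRYPT_MODE, key, new GCMParameterSpec(128, nonce));
        String payload = userId + "|" + (System.currentTimeMillis() + ttlMillis);
        byte[] ct = c.doFinal(payload.getBytes(StandardCharsets.UTF_8));
        return Base64.getUrlEncoder().withoutPadding()
                .encodeToString(ByteBuffer.allocate(12 + ct.length).put(nonce).put(ct).array());
    }
    // Returns the user id, or null if the token is malformed, modified or expired.
    static String verify(SecretKey key, String token) {
        try {
            byte[] in = Base64.getUrlDecoder().decode(token);
            if (in.length < 12 + 16) return null; // too short for nonce + GCM tag
            Cipher c = Cipher.getInstance("AES/GCM/NoPadding");
            c.init(Cipher.DECRYPT_MODE, key, new GCMParameterSpec(128, in, 0, 12));
            String payload = new String(c.doFinal(in, 12, in.length - 12), StandardCharsets.UTF_8);
            int sep = payload.lastIndexOf('|');
            if (sep < 0) return null;
            long expiry = Long.parseLong(payload.substring(sep + 1));
            return System.currentTimeMillis() < expiry ? payload.substring(0, sep) : null;
        } catch (GeneralSecurityException | IllegalArgumentException e) {
            return null; // bad tag (tampering or wrong key), bad base64, or bad expiry field
        }
    }
    public static void main(String[] args) throws Exception {
        KeyGenerator kg = KeyGenerator.getInstance("AES");
        kg.init(256);
        SecretKey key = kg.generateKey(); // demo only: assumption is one shared key for all apps
        String token = issue(key, "user-42", 30 * 60 * 1000L); // constructed sample user id
        String bad = token.substring(0, 20) + (token.charAt(20) == 'A' ? 'B' : 'A') + token.substring(21);
        System.out.println("valid    -> " + verify(key, token));
        System.out.println("tampered -> " + verify(key, bad));
        System.out.println("expired  -> " + verify(key, issue(key, "user-42", -1)));
    }
}
```

When the Login application sets this value in a cookie, the cookie path has to be `/` for the other web applications on the same host to receive it, since the default path is the issuing application's context path. Marking the cookie HttpOnly and Secure keeps it away from page scripts and plain-HTTP requests.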