I'm trying to configure our weblogic to accept cross domain.
I have the following problem:
I have two domains (www.a.com and www.a.net) and both domains are calling the same weblogic server.
When a user access to our web for www.a.com weblogic assigns a JSESSIONID. If the same user change to www.a.net weblogic creates a new session with a new JSESSIONID. Then, if the user is logged in www.a.net, he appears at the other domain as not logged.
I have Weblogic 11gR1 and spring security.
How can I configure weblogic to share session between different domains?
Thank you in advance.
Gus.
Related
I have web spring MVC web application that is running in Tomcat 8. This application is calling third party for form submission and do some processing on other server. After coming back from those third party server process, my user session is gone & my application is being redirected to login page again.
I want solution that how can I maintain my user session?
Is there any solution using spring security?
I get the solution related my problem here, but WAR could not deployed on the server.
I currently have two applications deployed in Jboss server. I want to deploy another web application in the same server. The objective of adding one more application is to implement OAuth and create session with the user info.
Is it possible for the existing two applications to consume the session created by my new application with minimal or no code changes?
I am trying SSO between my application and zendesk. I am using openam for this purpose. Suppose app is deployed as app.myapp.com. And I want to have SSO feature with zendesk, whose URL could be something like accountname.zendesk.com. How do I setup openam configurations?
Whatever I have read in documentation is that, there should be a server with openam installed on it. And this will serve as Hosted Identity Provider. Now zendesk is going to be a service provider. This will be remote service provider. So how do I set this up? Should there be another instance of openam acting as remote service provider?
I tried configuring openam for 2 days, but openam documents are too abstract and I couldn't get it to work. Then I tried SSO using JWT i.e. JSON Web Token. Now Single sign on between my application and Zendesk is working fine.
I have two websphere servers.One server has java web application deployed and other has BPM processes.I have configured SSO between two servers,both servers admin console is opening with SSO.
I have to open IBM BPM coach inside my web application with SSO, What should i do in my web application to open coach directly without given user and password.
For establishing SSO between multiple Websphere servers, all you have to do is enable SSO at server level, ensure that LTPA token is generated on successful login to your webapplication. Once LTPA is created, the same is propogated to the 2nd webapp/any other webapp which you access since the cookie created by the Websphere exists in browser and can be consumed by any Websphere server that participates in this SSO.
I am as well trying to setup the SSO between 2 websphere servers but i am unable to get the admin console apps logged in seamlessly.
Can you confirm the steps that you followed? I hope you are using custom standalone registry(referring to user.props & group.props for eg)
Currently I have a requirement from a client where the user may belong to an LDAP server for authentication, or they may belong in an authentication database table.
I want to implement authorisation on my web-service methods with a two step process whereby, (a) the user is first checked against the LDAP server. If the user is not in the LDAP server then (b) check the database table for the user.
In other words it is a cascading two step process. Can this be done in any application server such as Glassfish? I've heard that JBoss can do this.
I don't think it depends on the server, it has to do with whatever security mechanism you choose (like Spring Security etc). I was able to achieve this on Tomcat with Spring Security.
EDIT: you might wanna read this: How to use both database and LDAP authentication in Spring security?