Single Sign On - novalexei/mod_servlet GitHub Wiki

Single Sign-On

So what is this Single Sign-On everyone is bragging about? Well naturally this is such authentication service that lets a user to login only once to access multiple applications. Sometimes it can be useful feature. So, how do we get it in mod_servlet?

Start with setting share.sessions property in servlet.ini file to true. Then let's create new web application login (doesn't really matter the name) deploy there the shared library with auth_filter written in previous section without changes (Yep, you've heard it right - no changes). No web.xml configuration in this web application is needed. Actually no web.xml file required at all, delete it.

Then create two (or more, if you wish) web applications with check_principal_servlet from Authentication section (but rename them and factory methods for each web application to avoid name clash). In each application in web.xml have the same configuration:

<?xml version="1.0" encoding="UTF-8"?>
<web-app>
    <servlet>
        <servlet-name>PrincipalServlet</servlet-name>
        <servlet-factory>libprincipal.so:principalServlet</servlet-factory>
    </servlet>
    <filter>
        <filter-name>AuthFilter</filter-name>
        <filter-factory>libauth.so(login):authFilter</filter-factory>
    </filter>

    <servlet-mapping>
        <servlet-name>PrincipalServlet</servlet-name>
        <url-pattern>/*</url-pattern>
    </servlet-mapping>
    <filter-mapping>
        <filter-name>AuthFilter</filter-name>
        <url-pattern>/*</url-pattern>
    </filter-mapping>
</web-app>

Actually it is very similar to what you had in previous section with only one small modification:

        <filter-factory>libauth.so(login):authFilter</filter-factory>

This (login) part. It instructs the container instead of trying to locate that library in the same web application, to search it in different one (login in this case). And this is it. Now every web application for which we configured authFilter this way will find it in login web application directory and with sessions shared between applications everything will work. Try it.

Isn't it time to have some fun with JSON?

To The Programming Guide

⚠️ **GitHub.com Fallback** ⚠️