在Jetty9 WebAppContexts之间实现SSO [英] Implementing SSO between Jetty9 WebAppContexts

问题描述

我正在开发的Jetty 9应用程序会自动扫描一组JarFiles以获取web.xml，然后以编程方式将包含的webapps导入为WebAppContexts。我需要在各个Web应用程序之间实现单点登录，如以下Jetty 6教程中所述： http://docs.codehaus.org/display/JETTY/Single+Sign+On+-+Jetty+HashSSORealm 。不幸的是，HashSSORealm似乎已从Jetty中移除。 有没有可行的替代方案来实现简单的SSO？

The Jetty 9 application I am developing automatically scans a set of JarFiles for web.xml, then programmatically imports the contained webapps as WebAppContexts. I need to implement single sign-on between the individual webapps, as explained in the following tutorial for Jetty 6: http://docs.codehaus.org/display/JETTY/Single+Sign+On+-+Jetty+HashSSORealm. Unfortunately, HashSSORealm seems to have been removed from Jetty. Are there any viable alternatives for implementing simple SSO?

我确实发现这篇文章推荐了Fediz jetty插件，但更喜欢使用本机如果存在这样的问题，可以使用码头解决方案： http://dev.eclipse.org /mhonarc/lists/jetty-users/msg03176.html

I did find this post recommending the Fediz jetty plugin, but would prefer to use a native jetty solution if such a thing exists: http://dev.eclipse.org/mhonarc/lists/jetty-users/msg03176.html

更多信息：

中心问题似乎是每个WebAppContext都必须有自己的SessionManager，这使得即使使用相同的cookie，WebAppContexts也无法相互共享信息。

The central issue seems to be that each WebAppContext must have its own SessionManager, making it impossible for the WebAppContexts to share information with one another even when using the same cookie.

推荐答案

如果您跨WebAppContexts共享SessionManager，那么所有这些WebAppContexts都会共享完全相同的会话实例。 Servlet规范说WebAppContexts应该共享会话ID，不会话内容。

If you share the SessionManager across WebAppContexts, then all of those WebAppContexts share exactly the same session instances. The Servlet Spec says that the WebAppContexts should share session ids, not session contents.

Jan

这篇关于在Jetty9 WebAppContexts之间实现SSO的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！