在少数 Web 应用程序之间共享安全上下文 [英] Sharing security context between few web applications

问题描述

我需要拥有实际上由几个单独的战争组成的 Web 应用程序，它们统一到 UI 上的同一个导航栏，我需要让所有系统都受到保护，但仅对主 Web 应用程序进行身份验证，并且在此安全上下文自动传播到子 Web 之后应用程序.我正在使用 Spring Security，有人可以帮我提供建议吗?谢谢

I need to have web application which actually consist from few separate wars unified into same navigration bar on UI, i need to have all system secured but have authentication only to main web application and after automatic propagation of this security context to sub web applications. I'm using spring security, could someone help me with advice? thanks

推荐答案

Spring Security 将登录数据存储在 http 会话中.所以我会尝试在应用程序之间共享会话.

Spring Security stores the login data in the http session. So what I would try is to share the session between the applications.

通过使用 Single Sing On 属性.

但是请注意，在两个应用程序之间共享会话并非没有危险.请参阅这个堆栈溢出问题.

But be warned, sharing the session between two applications is not without danger. See this Stack Overflow question.

这篇关于在少数 Web 应用程序之间共享安全上下文的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！