Sun Java System Web Server 7.0 Update 4 Developer's Guide to Java Web Applications

User Authentication for Single Sign-On

Single sign-on across applications on the Web Server is supported by the Web Server servlets and JSPs. This feature allows multiple applications that require the same user sign-on information to share this information between them, rather than having the user sign on separately for each application. These applications are created to authenticate the user once. When needed, this authentication information is propagated to all other involved applications.

An example application using the single sign-on scenario could be a consolidated airline booking service that searches all airlines and provides links to different airline web sites. Once the user signs on to the consolidated booking service, the user information can be used by each individual airline site without requiring another sign-on.

Single sign-on operates according to the following rules:

To configure single sign-on, set the following properties in the single-sign-on element of the server.xml file:

The following example shows a configuration with all default values:


<single-sign-on>
        <enabled>1</enabled>
         <idle-timeout>300</idle-timeout>
      </single-sign-on>