Sun Java System Web Server 6.1 SP7 Programmer's Guide to Web Applications

User Authentication for Single Sign-on

The single sign-on across applications on the Sun Java System Web Server is supported by the Sun Java System Web Server servlets and JSPs. This feature allows multiple applications that require the same user sign-on information to share this information between them, rather than having the user sign on separately for each application. These applications are created to authenticate the user one time, and when needed this authentication information is propagated to all other involved applications.

An example application using the single sign-on scenario could be a consolidated airline booking service that searches all airlines and provides links to different airline web sites. Once the user signs on to the consolidated booking service, the user information can be used by each individual airline site without requiring another sign on.

Single sign-on operates according to the following rules:

To configure single sign-on, set the following properties in the VS element of the server.xml file:

Here is an example configuration with all default values:


<VS id="server1" ... >
         ...
        <property name="sso-enabled" value="true">
         <property name="sso-max-inactive-seconds" value="300">
         <property name="sso-reap-interval-seconds" value="60">
      </VS>