Spring Security Between Two Apps
https://stackoverflow.com/questions/617079
-
03-07-2019 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I am using the Spring Source 2.0 security plugin and I've done the tutorial described on this page using the Requestmap method of security.
I now want to create a second bookstore as follows and implement the same tutorial.
grails create-app bookstore2
Both apps will share the same database so all users, roles, etc will be common between the two apps. Finally, I want a given user to be automatically authenticated in the second bookstore if he authenticates in the first. What is the best way to implement this?
Solution
You can leverage the "remember me" functionality that Acegi provides. Since it is cookie based, once you authenticate against the first application, it will drop a cookie, and then when you attempt to log in to the second application, as long as the security model is identical, you will be authenticated immediately via the cookie.
See: Acegi Documentation for further details.
OTHER TIPS
You might want to have a look at CAS. It's a federated login server that allows to use Single Sign On accross multiple web application - independent of it's plattform. It's Java, Spring based, but requires that you familiarize yourself with it's architecture. Spring Security has built-in support for CAS.
