Single Domain for Multiple Applications

Top  Previous  Next

MoreMotion Security Service provides single sign on functionality for the web applications running on the same server computer. This way a user who logged in one application can use the other applications without a need for reentering user name and the password.

Assume that there are have two applications, e.g. HR and CRM, that are deployed on the same application server.

http://www.mycomp.com/hr

http://www.mycomp.com/crm

and you want to use the same security domain for the both of the applications. When a user logs in to the security domain from one application you want him to be accepted as logged in by the other one as well.

To achieve this;

1.moremotion_sd.jar should be removed from WEB-INF/lib directory and moved to the common library of the servlet container.
2.the security domain names of the applications must be identical (e.g. "main").
3.Application switch links have to be provided in the pages of the applications as follows

  <a href="/crm/display.doms?pg=index&amp;_sessionid={/root/request/SessionId}">CRM Home Page</a>

The URI of the request should include the path of the target application and the _sessionid parameter must provide the session id of the current application. The session id can be obtained from the "request " data source  with value="{/root/request/SessionId}" definition. Note that the page configuration should define a dataRequest for it as follows:

Page Configuration:

  <dataRequest name="request" selectAll="false">
    <node name="SessionId"/>
  </dataRequest>